Dark Reading

Researcher Details New Class Of Cross-Site Scripting Attack

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...
Dark Reading

Cross-Site Scripting: Attackers' New Favorite Flaw

For years buffer overflow has been the favorite target of online attackers, but no more: Cross-site scripting is now the biggest culprit That's the scoop from Mitre Corp., which later this week will ...
heise online

Web-Security: With Content Security Policy against Cross-Site Scripting, Part 2

Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...
CIO

Cross-Site Scripting Criminal Hacks

Facebook, one of the most popular websites, is a likely place for JavaScript hacks, due to cross-site scripting vulnerabilities and the overall lack of security of Facebook users. This allows hackers ...
CSOonline

What’s old is new again: AI is bringing XSS vulnerabilities back to the spotlight

Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...