Monday, 4 May 2009

Roi Saltzman, a Security Researcher at IBM Rational Application Security Research Group, has been credited with the discovery  of this vulnerability - now fixed on Version 1.0.154.59 - which allows universal cross-site scripting (UXSS) without user interaction under certain conditions.  

Sunday, 3 May 2009

Security researcher Pierre Gardenat has recently discovered two critical cross-site scripting bugs on Barclays.com.

Sunday, 3 May 2009

Methodman from Team-Elite has discovered a few vulnerabilities on several McAfee websites. Malicious users can exploit these bugs to infect customers and site visitors with malware, adware and spyware. They can also conduct phishing attacks by redirecting McAfee customers to fake McAfee sites.

Thursday, 23 April 2009

Xylitol reported five critical cross-site scripting vulnerabilities affecting Sun Microsystems website.

Thursday, 23 April 2009

Security researcher Pierre Gardenat reported a new interesting vulnerability in Google's service Orkut. Malicious users can spread XSS worms on Orkut or steal authentication credentials from Google users who also use Orkut. *FIXED*

Wednesday, 15 April 2009

According to methodman, the search feature for Symantec Connect page was vulnerable to XSS. Malicious people could exploit these XSS vulnerabilities to infect millions of Symantec users and site visitors with malware, adware and spyware.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18