FBI.gov xssed!

Written by KF

Friday, 9 January 2009

Ok it is not the first time, but they had fixed them all. It will probably be the third or fourth time they try to address this damn cgi! Here is the XSS that Babaconda submitted to us (works only in Internet Explorer).

Facebook's "Reset Password" page suffers major XSS flaw

Written by DP

Saturday, 3 January 2009

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook "Reset Password" page.

New highly critical Facebook XSS vulnerabilities pose serious privacy risks

Written by DP

Monday, 15 December 2008

Facebook users are susceptible to phishing attacks and ID theft due to some new highly critical cross-site scripting vulnerabilities.

Google accounts SSL login page suffers from highly critical XSS

Written by DP

Wednesday, 12 November 2008

In this case, the fact that SSL is being used on the login page, does not necessarily mean that the users' login information is secured.

Google cross domain frame injection vulnerability

Written by DP

Saturday, 11 October 2008

Dan Goodin wrote a good article on TheRegister.co.uk about the titled issue. This is not really a new vulnerability.

New Orkut XSS worm by Brazilian web security group

Written by DP

Saturday, 4 October 2008

Security researchers Octane[F/X], Rodrigo Lacerda and Klay Gomes were able to hack again Orkut with their new XSS worm.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

45884 total xss 14724 special xss 3026 fixed 5328 xss onhold 2933 EW subscribers

Tweets about ""cross site scripting" OR from:xssedcom"