A Stored Cross-Site Scripting (Stored XSS) vulnerability was recently discovered in Cacti that allows an authenticated user to poison the data stored in Cacti’s database. Moreover, administrative accounts can...
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers....
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user data. Researchers at Patchstack discovered and disclosed the...
Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers to create arbitrary files on the...
Researchers have disclosed a raft of serious document management system (DMS) vulnerabilities impacting four enterprise vendors who have not yet resolved the issues. In a blog post published...
Gartner has patched a DOM XSS vulnerability found in the Peer Insights widget, a security bug researchers reckon dates back to the original development of the software. In...
XSS Hunter now has a home at Truffle Security, which has launched a new version of the tool after its original creator declared that he will be...
Zoom has patched a cross-site scripting (XSS) bug that worked in both the desktop and web versions of its Whiteboard app. Zoom Whiteboard allows users to...
Malicious actors can stage cross-site scripting (XSS) attacks across the subdomains of a website if they can trick users of Chromium browsers into entering a simple...
A security researcher has disclosed a CSS injection flaw in Acronis software which could be abused for data theft. On November 4, ‘Medi’ (under the alias...
Recent Comments