UPDATED GitLab has pushed out a significant security release that addresses multiple flaws including an arbitrary file read issue rated as ‘critical’ and two high-impact vulnerabilities. An update...
The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. The set includes...
Despite being a known and well-documented vulnerability, web cache poisoning continues to crop up around the web. In extensive research of many websites, including some high-traffic...
A web security flaw in an anti-cheating browser extension created a means to hack into the computers of university students and other users before they were recently patched....
Ethical hackers have reported over 66,000 valid vulnerabilities through HackerOne this year, an increase of 22% from 2020. The annual Hacker-Powered Security Report from bug bounty platform HackerOne, published on...
Drupal, the widely used web content management system (CMS), has released security updates due to vulnerabilities in CKEditor, a third-party rich text editor bundled with Drupal....
The Chromium team has patched a universal cross-site scripting (uXSS) vulnerability that allowed attackers to run arbitrary JavaScript code on Chrome’s ‘New Tab’ page (NTP). According to a...
Leading browser vendors are putting the finishing touches to a set of APIs that make it easier for developers to protect their web applications against cross-site scripting (XSS)...
A security researcher has reported multiple cross-site scripting (XSS) vulnerabilities in a child monitoring app that could leak data including a minor’s location. Tripwire’s Craig Young said that...
Beego has patched a severe cross-site scripting (XSS) vulnerability that could lead to the compromise of a victim’s session or account. Beego is an open source framework designed for building...
Recent Comments