Tens of thousands of IceWarp mail server systems remain vulnerable to a troublesome web security vulnerability – despite the fact that the issue was patched last year. Lütfü Mert...
A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious ‘Invoice’ Word documents. The phishing scam was first discovered by...
A cross-site scripting (XSS) vulnerability in a popular WordPress plugin could allow an attacker to completely take over a website, researchers have warned. The flaw made it possible...
Security researchers found vulnerabilities in the Wodify fitness platform that allows an attacker to view and modify user workouts from any of the more than 5,000 gyms...
Security vulnerabilities in online text editor Etherpad could allow attackers to remotely compromise a victim’s server and steal sensitive information, new research reveals. A cross-site scripting flaw (XSS)...
Google has revealed how a set of internally developed browser APIs and policies can simplify the prevention of DOM-based cross-site scripting (XSS) vulnerabilities. According to a report penned by Google...
GitLab has resolved a raft of vulnerabilities – including two high-impact web security flaws – with an update to its software development platform. A cross-site request forgery (CSRF)...
A security researcher has penned a deep dive on bypassing lexical parsers with special HTML tags that leverage HTML parsing logic to ultimately execute arbitrary JavaScript code. Chris...
The maintainers of the Wire secure messaging app have patched the software against two security vulnerabilities, one of which could have allowed an attacker to “fully...
The SIP communications protocol can be abused to perform cross-site scripting (XSS) attacks, new research has revealed In a blog post on Thursday (June 10), Enable Security’s Juxhin Dyrmishi Brigjaj...
Recent Comments