Threat Post

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

The cross-site scripting flaw could enable arbitrary code execution, information disclosure – and even account takeover. A high-severity flaw has been disclosed in TinyMCE, an open-source text editor ...
ZDNet

Hackers target critical XSS vulnerability in millions of Wordpress sites

Millions of Wordpress websites are at risk due to a vulnerability present in the default installation of the content management system. Security researcher David Dede warned on Wednesday the ...
Threat Post

GoDaddy Addresses Blind XSS Vulnerability Affecting Online Support

Domain registrar GoDaddy fixed a vulnerability affecting systems used by its customer support agents that could have been abused to take over, modify or delete accounts. Domain registrar GoDaddy fixed ...
ZDNet

Netflix Sleepy Puppy XSS flaw detection tool goes open source

Cross-site scripting is a web application vulnerability which allows attackers to execute arbitrary code client-side in a victim's browser, which can lead to browser session hijacking or the theft of ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...
SD Times

Netflix open-sources XSS detection framework

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...