Threat Post

D-Link Router Vulnerable to Cross-Site Scripting

D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number of stored and reflective cross-site scripting (XSS) vulnerabilities. D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number ...
Searchenginejournal.com

2M+ WordPress Sites Hit By Essential Addons For Elementor Vulnerability

Two Stored Cross-Site Scripting (XSS) vulnerabilities could allow attackers to inject malicious scripts into WordPress sites XSS vulnerabilities originated with inadequate sanitization and output ...
Threat Post

WordPress REST API Bug Could Be Used in Stored XSS Attacks

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. The recently patched WordPress REST API Endpoint vulnerability is ...
ZDNet

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

Bug bounty hunter and penetration tester Vishal Bharad claims to have discovered the security flaw, which is a stored XSS issue in icloud.com. Stored XSS vulnerabilities, also known as persistent XSS, ...
TechSpot

Apple AirTags are vulnerable to stored XSS injection attacks

PSA: Be warned: Apple AirTags are currently vulnerable to stored cross-site scripting (XSS) attacks. Among the various XSS exploits possible is a simple site redirect. If you find an AirTag and are ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...