ZDNet

Evernote for Windows patch resolves stored XSS vulnerability

Evernote has patched a flaw in the Microsoft Windows version of the app which permitted stored XSS attacks to occur. The vulnerability, CVE-2018-18524, has been resolved in Evernote for Windows 6.16.1 ...
Network World

The what, who, when, where, why and how of XSS

In 2005, a MySpace user named Samy discovered a unique way to expand his buddy list. Within 24 hours, the number of friends on his page grew from 73 to more than 1 million. He achieved this instant ...
Searchenginejournal.com

XSS Vulnerability Affects Beaver Builder WordPress Page Builder

Beaver Builder is a popular plugin that allows anyone to create a professional looking website using an easy to use drag and drop interface. Users can start with a predesigned template or create a ...
CSOonline

Severe Azure HDInsight flaws highlight dangers of cross-site scripting

Security researchers have found eight serious cross-site scripting (XSS) flaws in Azure HDInsight, a big data processing service powered by open-source technologies like Apache Hadoop, Spark, Hive and ...
Searchenginejournal.com

All In One SEO WordPress Plugin Vulnerability Affects Up To 3+ Million

The United States National Vulnerability Database published an advisory about two vulnerabilities discovered in the All In One SEO WordPress plugin. All In One SEO (AIOSEO) plugin, which has over ...
Threat Post

Reflected XSS Bug Patched in Popular WooCommerce WordPress Plugin

Automattic has patched a reflected cross-site scripting vulnerability in the WooCommerce WordPress plugin. An extension of the WooCommerce WordPress plugin, used by 28 percent of all online stores, ...
ZDNet

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

A stored cross-site scripting (XSS) vulnerability in the iCloud domain has reportedly been patched by Apple. Bug bounty hunter and penetration tester Vishal Bharad claims to have discovered the ...