https//fedtechmagazine.com

What Is a Cross-Site Scripting (XSS) Attack & Are You Prepared?

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Department of Homeland Security has warned federal agencies ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
FedScoop

Google aims to fix XSS, make the web safer

Tech giant Google has issued tools to help web developers identify and mitigate cross-site scripting vulnerabilities, one of the most common forms of hacking attacks. Servers that host websites, which ...

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a ...
Threat Post

D-Link Router Vulnerable to Cross-Site Scripting

D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number of stored and reflective cross-site scripting (XSS) vulnerabilities. D-Link’s 2760N (DSL-2760U-BN) routers allegedly contain a number ...
ZDNet

99 percent of About.com links vulnerable to XSS, XFS iframe attack

About.com has a huge security problem, but it's likely worse for the over 98 million monthly visitors to the About Group's various topic-specific subdomains. As big data, the IoT, and social media ...
Hackaday

The Dark Arts: Cross Site Scripting

In 2011, a group of hackers known as Lulzsec went on a two month rampage hacking into dozens of websites including those owned by FOX, PBS, the FBI, Sony and many others. The group was eventually ...
Threat Post

WordPress XSS Bug Allows Drive-By Code Execution

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...