Dark Reading

Tech Insight: XSS Exposed

SQL injection has been getting most of the attention lately, but the average SQL injection attack isn't nearly as sophisticated and difficult to pull off as a well-crafted cross-site scripting (XSS) ...
TechNewsWorld

Web-Based Worms: How XSS Is Paving the Way for Future Malware

I first became aware of cross-site scripting (XSS) nearly a decade ago. At the time, despite being an all too prevalent bug in Web applications, the risk posed by the flaw was of limited value. It was ...
InfoWorld

Persistent XSS flaws patched in multiple WordPress plugins

In addition to the All-in-One SEO plugin, WordPress administrators should update others that also have a cross-site scripting flaw Earlier this week, WordPress administrators were urged to update to ...
Dark Reading

Researcher Details New Class Of Cross-Site Scripting Attack

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...
InfoWorld

Big-name sites outted for XSS holes

What do adobe.com, yahoo.com, cbs.com, bbc.co.uk, microsoft.com, and vh1.com have in common? Well, aside from the obvious (they're all domain names ending with "dot-something"), they've all earned the ...