Mozilla's security engineers are working on new technology that promises to mitigate a large class of Web application vulnerabilities, especially the cross-site scripting (XSS) plague against modern ...

This entry should serve as an introduction to the threat of cross site scripting and how they can be exacerbated by the use of AJAX. This is the first part of a multipart series where I will detail ...

Cross-site scripting is a web application vulnerability which allows attackers to execute arbitrary code client-side in a victim's browser, which can lead to browser session hijacking or the theft of ...

A slew of cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities that affect several network management system (NMS) products has been uncovered. Security firm Rapid7 has released details ...

The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. A stored cross-site scripting (XSS) vulnerability in ...

Security researcher Lyra Rebane has devised a novel clickjacking attack that relies on Scalable Vector Graphics (SVG) and ...

A Twitter user has demonstrated a cross-site scripting (XSS) vulnerability on the microblogging platform that could allow an attacker to take over users' accounts or spread malware. An Indonesian ...

A cross-site scripting vulnerability in Microsoft Office 365 casts attention on the need to shore up the security of cloud-based enterprise applications. A researcher in the UK disclosed the details ...

The high-profile attack that hit the Twitter website early this morning and affected tens to hundreds of thousands of Twitter users serves as a reminder of just how the pervasive but often-dismissed ...