TechNewsWorld

XSS Flaw Burns a Hole in Kindle Security

Security consultant Benjamin Mussler last week warned that the Kindle e-book library had a cross-site scripting vulnerability. It appears Amazon previously had fixed the XSS flaw but two months ago ...
Dark Reading

CISA Urges Software Makers to Eliminate XSS Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are urging organizations to focus on eliminating cross-site scripting vulnerabilities in ...
https//fedtechmagazine.com

What Is a Cross-Site Scripting (XSS) Attack & Are You Prepared?

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Department of Homeland Security has warned federal agencies ...
ZDNet

Google patches ‘awesome’ XSS vulnerability in Gmail dynamic email feature

Google has resolved an XSS vulnerability in Gmail described by the tech giant's own team as "awesome." On Monday, Michał Bentkowski, Chief Security Researcher at Securitum, disclosed the vulnerability ...
Threat Post

Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications

Netflix released Sleepy Puppy, a cross-site scripting payload management framework, to open source. The tool finds XSS vulnerabilities in secondary applications. Most automated scanning and security ...
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
Computer Weekly

Adobe patches Flash to fix zero-day XSS vulnerability

Adobe has released an update for Flash player to counter a cross-site scripting vulnerability, just days after its release. The vulnerability (CVE-2011-2107), rated ‘important’ by Adobe, affects Flash ...