Cross-Site Scripting

Type: Keyphrase

Name: Cross-Site Scripting

First reported May 17 2013 - Updated May 17 2013 - 1 reports

Vigil@nce - Drupal: Cross Site Scripting of Filebrowser

- Drupal: Cross Site Scripting of FilebrowserMay 2013 by Vigil@nce This bulletin was written by Vigil@nce : http://vigilance.fr/offerSYNTHESIS OF THE VULNERABILITYAn attacker can trigger a Cross Site Scripting in Filebrowser of Drupal, in order to execute ... [Published Global Security Mag Online - May 17 2013]

Entities: Drupal, Cross-Site Scripting, Vulnerability, JavaScript

First reported May 15 2013 - Updated May 15 2013 - 2 reports

[web applications] - Wordpress Newsletter 3.2.6 Cross Site Scripting Vulnerability

[Published Inj3ct0r.com - May 15 2013]

Entities: Cross-Site Scripting, WordPress

First reported May 14 2013 - Updated May 15 2013 - 3 reports

Vigil@nce - WordPress: Cross Site Scripting of SyntaxHighlighter Evolved

- WordPress: Cross Site Scripting of SyntaxHighlighter EvolvedMay 2013 by Vigil@nce This bulletin was written by Vigil@nce : http://vigilance.fr/offerSYNTHESIS OF THE VULNERABILITYAn attacker can trigger a Cross Site Scripting in SyntaxHighlighter Evolved ... [Published Global Security Mag Online - May 15 2013]

Entities: Cross-Site Scripting, WordPress, Vulnerability, JavaScript

First reported May 14 2013 - Updated May 15 2013 - 5 reports

WordPress Video JS Cross Site Scripting

Topic: WordPress Video JS Cross Site Scripting Risk: Low Text:These are Cross-Site Scripting vulnerabilities in multiple plugins forWordPress with VideoJS. Earlier I've wrote about vulne... ... [Published WLB2 Database - CXSecurity.com - May 15 2013]

Entities: Cross-Site Scripting, WordPress

First reported May 14 2013 - Updated May 14 2013 - 2 reports

Ubuntu Security Notice USN-1823-1

Ubuntu Security Notice 1823-1 - Multiple memory safety issues were discovered in Thunderbird. If the user were tricked into opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service ... [Published Packet Storm Security Advisories - May 14 2013]

Entities: ubuntu, Cross-Site Scripting, Security

First reported May 14 2013 - Updated May 14 2013 - 4 reports

[web applications] - Joomla Jnews 8.0.1 Cross Site Scripting Vulnerability

[Published Inj3ct0r.com - May 14 2013]

Entities: Cross-Site Scripting

First reported May 14 2013 - Updated May 14 2013 - 1 reports

[web applications] - WordPress Search And Share 0.9.3 Cross Site Scripting Vulnerability

[Published Inj3ct0r.com - May 14 2013]

Entities: Cross-Site Scripting, WordPress

First reported May 14 2013 - Updated May 14 2013 - 1 reports

Netcraft.com Cross Site Scripting

www.netcraft.com suffered from a cross site scripting vulnerability. ... [Published Exploit Files ≈ Packet Storm - May 14 2013]

Entities: Cross-Site Scripting

First reported May 14 2013 - Updated May 14 2013 - 3 reports

Red Hat Security Advisory 2013-0820-01

Red Hat Security Advisory 2013-0820-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious ... [Published Packet Storm Security Advisories - May 14 2013]

Entities: Red Hat Inc, Mozilla Firefox, Security, XUL

First reported May 14 2013 - Updated May 14 2013 - 1 reports

Gallery 'key' Values Cross-Site Scripting Vulnerability

Bugtraq ID: 59469 Class: Unknown CVE: Remote: Yes Local: No Published: Apr 23 2013 12:00AM Updated: Apr 23 2013 12:00AM Credit: Bharat Vulnerable: Not Vulnerable ... [Published SecurityFocus - May 14 2013]

Entities: Cross-Site Scripting

First reported May 13 2013 - Updated May 14 2013 - 2 reports

Joomla Jnews 8.0.1 Cross Site Scripting

Joomla Jnews version 8.0.1 suffers from an Open Flash-Chart cross site scripting vulnerability. ... [Published Exploit Files ≈ Packet Storm - May 14 2013]

Entities: Cross-Site Scripting

First reported May 14 2013 - Updated May 14 2013 - 3 reports

Joomla Phocagallery 3.0.0 / 4.0.0 Cross Site Scripting

Topic: Joomla Phocagallery 3.0.0 / 4.0.0 Cross Site Scripting Risk: Low Text:# Exploit Title: Joomla com_phocagallery Plupload Flash XSS # Release Date: 13/05/2013 # Author: Rafay Baloch And Deepankar A... ... [Published WLB2 Database - CXSecurity.com - May 14 2013]

Entities: Cross-Site Scripting, Baloch

Quotes

...affect the introduction of vulnerabilities, which leave the door open to breaches," says Jeremiah Grossman, cofounder and CTO of WhiteHat Security. "This report-comprising survey and website vulnerability data-is the first time we can correlate various software security controls and SDLC behaviors to vulnerability outcomes and breaches. The results are both insightful and complex."

WEAK WEBS Serious vulnerabilities decrease, but more attention needed [Published ABA Banking Online - May 17 2013]

SAN FRANCISCO "Our growth over the past two quarters is indicative of the fact that every company - be it a new startup or a 100 year-old Fortune 500 company - is becoming a software company to some degree" said Anthony Bettencourt

Coverity Reports More Than 30 Percent Year-over-Year Growth For H1 2013 [Published TheStreet.com - May 15 2013]

"The lack of security engineering awareness and education among the software engineering workforce can be a significant obstacle to organizations working to implement software security programs" Howard A Schmidt, executive director of SAFECode and former White House cyber-security coordinator, said in a statement

SAFECode Launches Free Software Security Training Courses [Published Security Week - May 14 2013]

"Criminals use anonymous money transfer systems or prepaid credit cards to receive the payments. The ransom typically ranges between $50 and $400. In many cases, payment doesn't unlock the computer."

Web sites used against users [Published IT Web - May 08 2013]

More Content

sort by: Date \| Relevance
NoScript 2.6.6.2 (GPL) [Published Softpedia - May 17 2013]
Vigil@nce - Cisco Prime Central for Hosted Coll... [Published Global Security Mag Online - May 17 2013]
Vigil@nce - Drupal: Cross Site Scripting of Fil... [Published Global Security Mag Online - May 17 2013]
WEAK WEBS Serious vulnerabilities decrease, but... [Published ABA Banking Online - May 17 2013]
How To Protect Your Yahoo Mail Against Hackers [Published SiliconANGLE - May 16 2013]
Multiple vulnerabilities in multiple themes for... [Published gmane.comp.security.full-disclosure - May 16 2013]
Multiple vulnerabilities in multiple themes for... [Published Seclists.org - Full Disclosure - May 16 2013]
Mandriva Linux Security Advisory 2013-165 [Published Packet Storm - May 16 2013]
[web applications] - Wordpress Newsletter 3.2.6... [Published Inj3ct0r.com - May 15 2013]
Vigil@nce - WordPress: Cross Site Scripting of ... [Published Global Security Mag Online - May 15 2013]
Coverity Reports More Than 30 Percent Year-over... [Published TheStreet.com - May 15 2013]
WebEx Social Input Validation Flaws Permit Remo... [Published Security Tracker - May 15 2013]
WordPress Video JS Cross Site Scripting [Published WLB2 Database - CXSecurity.com - May 15 2013]
WordPress Video JS Cross Site Scripting [Published World Laboratory of Bugtraq Database - Informat ... - May 15 2013]
WordPress Video JS Cross Site Scripting [Published SecurityAlert Database - Vulnerability Database - May 15 2013]
Vuln: Mozilla Firefox and Thunderbird CVE-2013-... [Published SecurityFocus Vulnerabilities - May 15 2013]
Vuln: Cisco WebEx Social CVE-2013-1244 Cross Si... [Published SecurityFocus Vulnerabilities - May 15 2013]
Wordpress Newsletter 3.2.6 Cross Site Scripting [Published Exploit Files ≈ Packet Storm - May 15 2013]
Ubuntu Security Notice USN-1823-1 [Published Packet Storm Security Advisories - May 14 2013]
SAFECode Launches Free Software Security Traini... [Published Security Week - May 14 2013]
USN-1823-1: Thunderbird vulnerabilities [Published Ubuntu Security Notices - May 14 2013]
[web applications] - Joomla Jnews 8.0.1 Cross S... [Published Inj3ct0r.com - May 14 2013]
[web applications] - WordPress Securimage 3.2.4... [Published Inj3ct0r.com - May 14 2013]
[web applications] - WordPress Video JS Cross S... [Published Inj3ct0r.com - May 14 2013]
[web applications] - WordPress Search And Share... [Published Inj3ct0r.com - May 14 2013]
Bromium: A virtualization technology to kill al... [Published ZDNet - May 14 2013]
Netcraft.com Cross Site Scripting [Published Exploit Files ≈ Packet Storm - May 14 2013]
Red Hat Security Advisory 2013-0820-01 [Published Packet Storm Security Advisories - May 14 2013]
Red Hat Security Advisory 2013-0821-01 [Published Packet Storm Security Advisories - May 14 2013]
Ubuntu Security Notice USN-1822-1 [Published Packet Storm Security Advisories - May 14 2013]

sort by: Date \| Relevance
Coverity at RSA 2013: Why SQL Injection and Cro... [Published PR Newswire: Business Technology - Feb 19 2013]
Cross-Site Scripting Attacks Up 160 Percent in ... [Published Marketwire - Breaking News Releases - Jan 29 2013]