Archive for the ‘Cross site scripting’ Category
Update (22 June 2019) — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here.
Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in the popular email app that is currently being used over 100 million users.
According to an
Posted in android apps, Cross site scripting, hacking news, Microsoft Outlook, Outlook for Android, patch update | Comments (0)
Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed.
Evernote is a popular service that helps people taking notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper Extension for Chrome
Posted in Browser extensions, chrome, chrome extension, Cross site scripting, cyber security, Universal XSS, Web Application Security, Web Application Vulnerability, website hacking | Comments (0)
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.
According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in
Posted in Cross site scripting, cybersecurity, Drupal, Drupal hacking, hacking news, JQuery, php security, remote code execution, Vulnerability, website security | Comments (0)
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services.
StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows
Posted in application security, cross site origin request, Cross site scripting, hacking news, StackStorm, Web Application Security, XSS vulnerability | Comments (0)
A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world.
According to the researchers—Ibrahim Baggili, Peter Casey and Martin Vondráček—the underlying
Posted in Bigscreen VR, Cross site scripting, hacking news, VR apps, vr experience, vr headset, Vulnerability | Comments (0)
A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world's most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites' visitors at risk of hacking.
Independent researcher and bug-hunter Paulos Yibelo, who shared his new research with The Hacker News, discovered roughly
Posted in best web hosting, cheap web hosting, Cloud hosting, Cross site scripting, Dedicated Hosting, free web hosting, hosting services, Vulnerability, Web Application Vulnerability, Web hosting service | Comments (0)
IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.
Posted in Cross site scripting, Emaze Networks, Gabriele Gristina, IBM, MobileFirst, vulnerabilities, Worklight, XSS | Comments (0)
While Windows users are currently in fear of getting their systems hijacked by the WannaCry ransomware outbreak, Apple users are sitting relaxed, thinking that malware attacks are something that happens to Windows users, and not Apple.
But you are mistaken – Apple products are also not immune to the hack attacks and malware infections, as an ebook can hack your Mac, iPhone, and iPad.
Posted in apple security, Apple TV, Cross site scripting, hacking news, iOS Update, ipad hacking, iPhone Security, remote code execution, Security patch Update, update iphone, Vulnerability | Comments (0)
Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.
Posted in critical infrastructure, Cross site scripting, file upload vulnerability, harsh environments, Input validation, Maxim Rupp, path traversal, RuggedCom, server misconfiguration, Siemens, vulnerabilities | Comments (0)
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Posted in command injection vulnerability, Cross site scripting, Cross-site request forgery, ISP gear, networking gear, PHP, SEC Consult Vulnerability Lab, Ubiquiti Networks, vulnerabilities | Comments (0)