Getting ready for the cybersecurity certification exam — Lab 28 (XSS) — Find a DOM vulnerability, work with cookies

https://peertube.eqver.se/w/pAtpu8LECJatWaSQ3xTNBY

PeerTube

Over 46,000 Grafana instances are at risk of a sneaky account takeover thanks to a crafty XSS glitch. Is your analytics platform safe? Dive in to learn how to protect against this looming threat.

https://thedefendopsdiaries.com/understanding-the-grafana-vulnerability-cve-2025-4123/

#grafana
#cve20254123
#xssvulnerability
#cybersecurity
#infosec

Cookie Sandwich - New Attack Steals HttpOnly Cookies

New Cookie-Based Attack Bypasses HttpOnly Protections, Apache Tomcat Vulnerable to this Cookie Manipulation Attack.

Cyber Kendra

Attackers are exploiting a critical #XSS #vulnerability (CVE-2023-34192) in #Zimbra.

Our latest #securitybulletin proposes mitigation measures to address the flaw: https://bit.ly/47bK2s6

#crosssitescripting #owasptop10 #owasp #zeroday #zerodayvulnerability #xssvulnerability #waap #DAST #waf #virtualpatching #apptrana #indusface

Understanding the Zimbra XSS Vulnerability | Induface Blog

The Zimbra XSS vulnerability allows an attacker to impact the confidentiality and integrity of the user's data. Understand how to find & fix this flaw.

Indusface

Blubrry Addresses Authenticated Stored XSS Vulnerability in PowerPress WordPress Plugin
by Alex Thomas at @wordfence
#Wordpress #WordpressPlugin #Security #Vulnerability #XSSVulnerability

https://www.wordfence.com/blog/2023/04/blubrry-addresses-authenticated-stored-xss-vulnerability-in-powerpress-wordpress-plugin/

Blubrry Addresses Authenticated Stored XSS Vulnerability in PowerPress WordPress Plugin

On April 5, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting (XSS) vulnerability in Blubrry's PowerPress plugin, which is actively installed on more than 50,000 WordPress websites. The vulnerability enables threat actors with contributor-level permissions or higher to inject malicious web scripts into pages using ...

Wordfence

This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs

A New WhatsApp Bug (CVE-2019-18426) Could Have Let Remote Hackers to Read Files from Your Computers by Sending Messages
