Network World

New cross-site scripting attack targets VoIP

A dangerous new cross-site scripting attack is being called the first Web 2.0 exploit used against VoIP. Security researchers have found a way to execute cross-site scripting attacks through VoIP ...
Dark Reading

OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover

Critical API security flaws have put millions of users at risk for account takeover, by using a modern authentication standard to resurrect a longtime vulnerability. The bugs were found in the Hotjar ...
Computerworld

How to defeat the new No. 1 security threat: cross-site scripting

Cross-site scripting, often abbreviated XSS, is a class of Web security issues. A recent research report stated that XSS is now the top security risk. In a typical XSS scenario, a Web page might use ...
CRN

Twitter Site Update Opened Hole For 'onMouseOver' XSS Attack

The teen, identified as Pearce Delphin, 17, detected the cross-site scripting (XSS) flaw which allowed JavaScript code to appear as plain text in tweets that could then be launched on the browsers of ...
CRN

Researchers Uncover 'Massive Security Flaws' In Amazon Cloud

Security researchers from Ruhr-University Bochum (RUB) found that Amazon Web Services was vulnerable to different methods of attack, including signature wrapping and cross site scripting, Those ...