193 Results for

cross-site scripting


Microsoft to fix IE8 cross-site scripting problem, again

Microsoft to issue third fix for XSS filter in IE8 that can be exploited to launch cross-site scripting attacks on Web sites.

By April 20, 2010


Google RatProxy looks for cross-site flaws

Free tool helps Web developers analyze their site for a variety of cross-site vulnerabilities.

By July 3, 2008


Critical security flaws patched in latest Chrome release

Google has fixed a number of critical bugs in the new Chrome 44 update across multiple operating systems.

By July 23, 2015


Three privacy-focused browsers compared

SRware Iron, Comodo Dragon, and Dooble use the Chromium browser engine but promise to protect your privacy better than Google Chrome.

By December 20, 2013


New security holes found in D-Link router

Security researcher reveals multiple Web-based security vulnerabilities in the D-Link 2760N.

By November 11, 2013


Yahoo offers its first tepid bug bounty

The good news about Yahoo's security team is that it's finally offering bounties for independent researchers who uncover bugs. The bad news is that the bounty itself isn't exactly competitive.

By September 30, 2013


Yahoo revamps bug bounty policy after 'T-shirtgate'

It seems your security might be worth more than $12.50 after all. Yahoo's security team previews a new vulnerability reporting policy with rewards between $150 and $15,000.

By October 3, 2013


Wi-Fi routers: More security risks than ever

The research team that discovered significant security holes in more than a dozen home Wi-Fi routers adds more devices to that list at Defcon 21.

By August 3, 2013


Google beefs up the cash bounty for reporting vulnerabilities

The bounty for cross-site scripting bugs on Google Accounts, for instance, more than doubles to $7,500. The cash rewards tied to Gmail and Google Wallet get hefty bumps, too.

By June 6, 2013


Yahoo Mail hijacking exploit selling for $700

XSS vulnerability allows attacks to steal and replace tracking cookies, as well as read and send e-mail from a victim's account.

By November 26, 2012