Another Ebay permanent XSS

Written by KF

Tuesday, 13 November 2012

The Indian security researcher Shubham Upadhyay aka Cyb3R_Shubh4M, sent us a new permanent XSS affecting the products listings on


F-Secure, McAfee and Symantec websites again XSSed

Written by DP

Friday, 13 January 2012

Once again, the websites of the three famous antivirus vendors are vulnerable to cross-site scripting. The vulnerabilities were reported by "Zeitjak" and "dick" back in mid-April 2011 and appear to be working still. They can be triggered on...


Happy New Year 2012!

Written by KF & DP

Sunday, 1 January 2012

Wishing you a very healthy, happy and prosperous new year!


Not surprisingly, McAfee websites are susceptible to XSS attacks

Written by DP & KF

Wednesday, 30 March 2011

Famous antivirus vendor McAfee has been all over the news the past few days, regarding cross-site scripting and information disclosure vulnerabilities that affected several of its websites. It all started when...


Secure Amazon Seller Central password reset page XSSed

Written by DP

Wednesday, 13 October 2010

Just another critical cross-site scripting vulnerability has been reported by "See Me" for Amazon Seller Central, a secure website where sellers who signed up for the "Checkout by Amazon" service can view and manage their orders... 


EV SSL-secured live PayPal site vulnerable to XSS

Written by DP

Wednesday, 6 October 2010

"d3v1l" from Security-Sh3ll has reported another critical XSS flaw affecting the live PayPal site, where "real money" changes hands... This XSS vulnerability once more undermines the security of Extended Validation SSL (EV SSL) digital certificates...


older news...  


45884 total xss
14724 special xss
3026 fixed
4613 xss onhold
2695 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.