Facebook's "Reset Password" page suffers major XSS flaw

Written by Dimitris Pagkalos

Sunday, 4 January 2009

DaiMon has once more discovered a new critical cross-site scripting vulnerability which affects the Facebook "Reset Password" page.


read more...

New highly critical Facebook XSS vulnerabilities pose serious privacy risks

Written by Dimitris Pagkalos

Monday, 15 December 2008

Facebook users are susceptible to phishing attacks and ID theft due to some new highly critical cross-site scripting vulnerabilities.


read more...

Google accounts SSL login page suffers from highly critical XSS

Written by Dimitris Pagkalos

Wednesday, 12 November 2008

In this case, the fact that SSL is being used on the login page, does not necessarily mean that the users' login information is secured.


read more...

Google cross domain frame injection vulnerability

Written by Dimitris Pagkalos

Saturday, 11 October 2008

Dan Goodin wrote a good article on TheRegister.co.uk about the titled issue. This is not really a new vulnerability.


read more...

New Orkut XSS worm by Brazilian web security group

Written by Dimitris Pagkalos

Saturday, 4 October 2008

Security researchers Octane[F/X], Rodrigo Lacerda and Klay Gomes were able to hack again Orkut  with their new XSS worm.


read more...

Citibank's critical cross-site scripting vulnerabilities

Written by Dimitris Pagkalos

Saturday, 16 August 2008

DaiMon and mox have discovered two critical XSS flaws on Citibank's website.


read more...

older news...  

 

31534 total xss
1615 fixed
6297 xss onhold
1009 EW subscribers


Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.