Advertisements

YouTube XSS celebrates one month of age

Written by DP

Thursday, 6 December 2007

YouTube is currently number 4 of the most visited websites on the planet according to Alexa. With more than 100 million video views every day, visitors are at great risk due to a serious cross-site scripting vulnerability, from which YouTube suffers for a month already.


read more...

New design, new sections!

Written by KF and DP

Friday, 30 November 2007

As you noticed, we now have a fresh new design, we really hope you appreciate this new version! And this is not the only improvement; the long awaited early warning mailing list is now opened, feel free to subscribe to it if you want to receive XSS alerts affecting your web sites!


read more...

XSSed.net is again mistakenly listed as a phishing website

Written by DP and KF

Wednesday, 14 November 2007

You have probably noticed that the mirrors of all archived XSS vulnerable websites do not show up. This is due to some people who submitted and validated the domain to online anti-phishing services. Validation comes from researching something and possessing proofs that is accurate and adequate. It will be very boring for us if every time a new anti-phishing service comes up, marks our site as phishing and blocks our domain.


read more...

Funny incident regarding Prevx.com XSS vulnerability

Written by DP and KF

Tuesday, 6 November 2007

Prevx has this slogan: "We detect the threats that others miss". They state on their blog that received an unsolicited e-mail from us "raising the possibility that a querystring parameter could be exploited to launch a malicious script by the caller to the download page."


read more...

PayPal is now offering a free URL redirection service

Written by DP

Sunday, 4 November 2007

Nemessis has discovered a new XSS/URL redirect vulnerability on PayPal.com. You can simply choose your preferable landing URL. This service is revolutionary as there is no need to register on the site. Anyone can use it for free.


read more...

PayPal Payflow payment gateway vulnerable to XSS

Written by DP

Thursday, 1 November 2007

Good month to everyone! A cross-site scripting vulnerability affecting PayPal's Payflow payment gateway, was discovered by Nemessis just two days after another PayPal XSS was fixed.


read more...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 

 

45884 total xss
14724 special xss
3026 fixed
5328 xss onhold
2930 EW subscribers

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.