XSS

Coverity announced the creation of the Coverity Security Library, an open source project available through GitHub and Maven to help developers easily fix cross-site scripting …

A new web application attack report by FireHost offers an impression of the current internet security climate and provides statistical analysis of 15 million cyber attacks …

The median annual attack incidents on the 50 Web applications observed was 274 times a year, with one target experiencing more than 2,700 attack incidents. According to a new …

FireHost revealed the latest statistical analysis of attacks successfully blocked by its servers. During the period of April to June 2012, web applications, databases and …

WhiteHat Security reviewed serious vulnerabilities in websites during 2011, examining the severity and duration of the most critical vulnerabilities from 7,000 websites across …

Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology it’s built on, just like an actual …

A bug in the latest version of Skype for iPhone and iPod touch makes its users vulnerable to having their address book stolen just by viewing a specially crafted message, says …

According to a German researcher, a XSS bug in the latest (5.5.0.113) Skype version for Windows could allow attackers to inject malicious code into users’ phone sessions …

Faced with the reality that exploiting a single SQL Injection vulnerability or cross-site scripting (XSS) error in any web application could take down an organization’s …

A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia. Certain …

With the trend of targeted cyber attacks along with the exploitation of common vulnerabilities such as SQL injection, it is clear that the core software infrastructure of …

A new Cenzic report reveals widespread Web application vulnerabilities, with 2,155 discovered – a third of which have both no known solution and an exploit code publicly …