Illustration by Mark Todd In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...

Attackers can exploit a cross-site scripting vulnerability in Citrix's Netscaler ADCs and Gateways. Updates close it.

Attackers are able to bypass the reflective cross-site scripting filter in Internet Explorer; the weakness is accepted by Microsoft as part of its design philosophy for the filter and will not be ...

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Department of Homeland Security has warned federal agencies ...

In cyber security, attention is concentrated on the new -- zero-day exploits, for example, are big news and big business. But old threats can still cause big problems for organizations, even when the ...

The attack highlights the under-rated and often-ignored risk of allowing employees to check their personal e-mail accounts at work, the company says. Cross-site scripting (XSS) is a common security ...

In 2011, a group of hackers known as Lulzsec went on a two month rampage hacking into dozens of websites including those owned by FOX, PBS, the FBI, Sony and many others. The group was eventually ...

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research ...

[ UPDATE: Microsoft plans to ship an XSS filter update in June 2010to fix what is hopefully the last attack scenario ] The cross-site scripting filter that ships with Microsoft's Internet Explorer 8 ...

Apple on Tuesday patched code execution and cross-site scripting vulnerabilities on Tiger, Leopard, Vista and XP in a Safari update that included 13 patches. CVE-2008-1010: This update is for Mac OS X ...