XSS
Tag details
Welcome to the 'XSS' tag page at Technorati. This page features content from the farthest reaches of the Blogosphere that authors have "tagged" with 'XSS'.
Latest blogosphere posts tagged “XSS”
-
Twitter misidentifying context
The Spanner —
Authority:
This is an important post for me, not because it’s groundbreaking but people don’t seem to get this when using data in certain context. If you are a dev please read this and read it until you understand it because if you misidentify context you fail and you fail pretty badly. I reported this to Twitter about two ...
18 hours ago
-
Internet Security News: Week in Review
HomeATM —
Authority: 491
Internet Security News: Week in Review EU security agency highlights cloud computing risks (from NetworkWorld at 21-11-2009) Cloud computing users face problems including loss of control over data, difficulties proving compliance, and additional legal risks as data moves from ...
2 days ago
-
The Value of Self-Serving Code - Elizabeth Naramore
Computer & Internet - computer-internet.marc8.com —
Authority: 167
It's Friday night. I'm writing code. Not good code, mind you. Crappy code. Completely self-serving code that serves only one purpose: to solve a problem I alone have. No one else will see this code. No one else will use this mini-app. I'm writing it for myself and myself alone.
3 days ago
-
IE8 XSS Filter Bug
...Application Security... —
Authority: 113
The Register just ran an article (IE8 bug makes safe sites unsafe) talking about a flaw in Internet Explorer 8's XSS filtering. I have researched the IE8 filter in the past and provided some of my thoughts on the matter. As the article correctly states, I'm not aware of the actual flaw that has been discovered. ...
3 days ago
-
Effective Security Policy Messaging Important
Information Security Resources —
Authority: 534
By Christopher Burgess, Senior Security Adviser End users tuning you out? Here’s a three-step process for taking human factors into account in your security program (and even using them to your advantage). Let us begin with the premise that security policies exist to protect an entity’s assets as it ...
4 days ago
-
XSS Exploit found on Apple iTunes site… again
OS X Daily —
Authority: 662
A few weeks ago, there was an active XSS Exploit on Apple.com with their iTunes site. Well, a tipster sent us the exact same cross site scripting exploit that has been found again on another Apple iTunes site, this time it’s from Apple UK though. As last time, there are some rather amusing variations of the Apple ...
5 days ago
-
NoScript Firefox Addon Gives Preemptive And Secured Browsing Experience !
vhxn.com —
Authority: 441
This is a reliable and secured addon for your web browser. Therefore, you can allow your active content to run only from trusted sites and you can protect yourself against XSS and Click Jacking attacks. Moreover, this is the winner of “2006 PC World Class Award” as this is able to provide extra protection for your ...
5 days ago
-
So-Called Flash Vulnerability Retired by SecurityFocus
Security Watch —
Authority: 576
SecurityFocus, a prominent site owned by Symantec, has retired a recent report of a vulnerability in Flash. The report, which we recently criticized, speaks of a vulnerability related to the same-origin policy. The fear is that malicious flash code can access privileged data on the web server's domain, so that code ...
6 days ago
-
Interesting JForum vulnerabilities and the ESAPI WAF
omg.wtf.bbq. —
Authority: 100
The application I beat up for the ESAPI WAF preso at OWASP AppSec DC was JForum. It’s awesome, free, open source forum software that is quite popular (CBS, EA and the Ukrainian government seem to like it). That aside, it’s got serious security problems. I disclosed these problems to them, um, ...
6 days ago
-
Increase Your Information Security IQ
Information Security Resources —
Authority: 534
By Robert Siciliano, Identity Theft Expert Years ago (like 20) a friend was graduating from college and moving away and a bunch of friends were throwing a party for this person. Collectively they asked me if I’d write a small speech as a version of “This is your life”. Stymied as to why they ...
1 week ago
-
Pending book review: ModSecurity 2.5
HolisticInfoSec.org —
Authority: 107
Packt Publishing, a UK based publishing firm specializing in focused IT books, has asked me to review Magnus Mischel's ModSecurity 2.5. Having recently discussed monitoring ModSecurity with OSSEC, I'm looking forward to reading this book. I've been a ModSecurity fan since incorporating it in a secure server ...
1 week ago
-
WP-Cumulus updated to address yet another security issue
Roy Tanck's weblog —
Authority: 409
A few weeks ago I rushed out an update to fix a potentially dangerous Cross-Site Scripting (XSS) vulnerability in WP-Cumulus. With the PHP part of the plugin shielded from ‘outside use’, I was hoping no more issues would pop up. Still, I’m glad MustLive alerted me to another issue that uses the Flash movie ...
1 week ago
-
Internet Security News: Week in Review
HomeATM —
Authority: 491
Internet Security News: Week in Review Malware attacks surge, says Fortinet (from ComputerWorldUk at 14-11-2009) Fortinet, a network security provider and unified threat management (UTM) solutions specialist has observed the highest level of total malware detected in more than ...
1 week ago
-
Reported Flash Vulnerability Not a Flash Vulnerability
Security Watch —
Authority: 576
A real security flaw is being touted widely as a vulnerability in Flash. The problem comes on web sites that let users upload content. Many sites will upload the content to the same domain as the service itself. Since Flash has a same-origin policy, meaning that it can only operate in the context of the domain from ...
1 week ago
-
What Could Possibly Be Worse Than A Virus?
Information Security Resources —
Authority: 534
By Robert Siciliano, Identity Theft Expert Anti-virus protection, critical security patches and a secure wireless connection have always been essential processes on my networks. My main concern has always been to protect my bank account by keeping the bad guy out. In my presentations, I’ve always ...
1 week ago
-
WordPress 2.8.6 Security Release
JaypeeOnline —
Authority: 570
Just as I finished publishing my previous post, I saw the notification that WordPress 2.8.6 security release is now available for download. Here’s what the official WordPress blog has to say about this new release: 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have ...
1 week ago
-
WordPress 2.8.6 is OUT, with the Newest Security Release
Djarot Studio —
Authority: 110
Just got a buzz from a buddy of mine about WordPress 2.8.6 release. My first impression was whoa.. already? I still can feel the feels in my fingers - I coded a project built on WordPress 2.8.5, and it is now in the past! Well yea, WordPress known as one of the open source cms vendor with really really good care of ...
1 week ago
-
Update your Blog to WordPress 2.8.6
Make Money Online using SEO —
Authority: 107
I just updated my blog to WordPress 2.8.6, the new version fixes exploited registered (XSS vulnerability) and users logged-in posting privileges (exploited in certain Apache configurations by uploading files). So if you have untrusted authors on your blog, 2.8.6 is necessary. Let’s keep our make money online ...
1 week ago
-
WordPress 2.8.6
WordPress Philippines —
Authority: 123
WordPress 2.8.6 is another important security release that tackles vulnerabilities in the Press This bookmarklet and upload file names. The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file ...
1 week ago
-
Congressional Leak Spotlights P2P User Act
Information Security Resources —
Authority: 534
By Robert Siciliano, Identity Theft Expert Congress is still considering the Informed P2P User Act, a law that would supposedly make it safer to use peer-to-peer file sharing software, an effort that is similar to banning mosquitoes from sucking blood. It just isn’t happening. The only foolproof way ...
1 week ago

