Threat Post

WordPress Plugins Bogged Down with CSRF, XSS Vulnerabilities

A handful of bugs, mostly XSS and CSRF vulnerabilities, have been plaguing at least eight different Wordpress plugins as of late. A smattering of bugs, mostly cross-site scripting (XSS) and cross-site ...
Threat Post

XSS, CSRF Vulnerabilities identitified in WSO2 Identity Server

A handful of vulnerabilities have been identified in WSO2 Identity Server that could lead to takeover, firewall bypass, and potentially open subsequent internal servers up to further attacks. A ...
Infosecurity-magazine.com

XSS is Most Rewarding Bug Bounty as CSRF is Revived

Cross-site scripting (XSS) is the most rewarding security vulnerability, according to data on the number of bug bounties paid. According to HackerOne’s top 10 most impactful security vulnerabilities, ...
CSOonline

Threat Watch: Cross Site Request Forgery (CSRF)

After Cross Site Scripting (XSS), the second most common web application security exploit is probably one you haven’t heard of: Cross Site Request Forgery (or CSRF for short). This little-known but ...
Computer Weekly

CSRF attack: How hackers use trusted users for their exploits

It’s common knowledge that images make webpages, email footers and other similar elements more presentable and attractive. But a simple image containing a malicious link can be a serious threat. For ...
Dark Reading

Twitter Attack An XSS Wake-Up Call

The high-profile attack that hit the Twitter website early this morning and affected tens to hundreds of thousands of Twitter users serves as a reminder of just how the pervasive but often-dismissed ...