ZDNet

Google tackles XSS scripting flaws with new developer tools

Google has released two new tools for developers looking to protect web domains against XSS scripting security flaws. Cross-site scripting (XSS) is a common security issue web developers face today.
Threat Post

WordPress XSS Bug Allows Drive-By Code Execution

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. A just-patched stored cross-site scripting (XSS) vulnerability in WordPress allowed drive-by remote ...
Infosecurity-magazine.com

XSS and SQL Injection Plague Several NMSes

A slew of cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities that affect several network management system (NMS) products has been uncovered. Security firm Rapid7 has released details ...
Infosecurity-magazine.com

Salesforce Patches Dangerous XSS Flaw

Salesforce.com has patched a cross site scripting flaw in a sub-domain which could have been exploited by hackers to hijack accounts or distribute malware. The vulnerability in “admin.salesforce.com” ...