ZDNet

XSS vulnerability found in popular WYSIWYG website editor

Discovered by Bishop Fox security consultant Chris Davis and publicly disclosed on Wednesday, the bug, tracked as CVE-2021-28114, impacts Froala version 3.2.6 and earlier. Froala is a lightweight What ...
Business Insider

Forbes Exploited: XSS Vulnerabilities Allow Phishers to Hijack Sessions & Steal Logins

Here's another delicious Byte. Ucha Gobejishvili, a Georgian Security Researcher under the handle of longrifle0x, discovered two cross site scripting (XSS) vulnerabilities on the official website of ...
Bleeping Computer

Phishing campaign uses UPS.com XSS vuln to distribute malware

A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents. The phishing scam was first discovered by security research Daniel ...