Universal Cross-Site-Scripting Vulnerability in iOS / WatchOS cve.report/CVE-2021-1879
πŸ‘︎ 55
πŸ“°︎ r/apple
πŸ’¬︎
πŸ‘€︎ u/lgats
πŸ“…︎ Apr 02 2021
🚨︎ report
Cross-Site Scripting Vulnerabilities in Elementor Impact Over 7 Million Sites [Free WordFence users not protected until March 25th] wordfence.com/blog/2021/0…
πŸ‘︎ 55
πŸ“°︎ r/Wordpress
πŸ’¬︎
πŸ‘€︎ u/greg8872
πŸ“…︎ Mar 17 2021
🚨︎ report
NoScript is no longer recommended, and searching this subreddit for recent relevant posts shows the consensus to be that uBlock Origin fully replaces the functionally of NoScript. But doesn't uBlock not prevent cross-site scripting attacks?

If this is the case, should I allow first-party in NoScript, but disable first party in uBlock? How should I configure NoScript's settings ("script," "object," "media," "frame," "font," "webgl," "ping," "noscript," "other") so the functionality doesn't overlap?

πŸ‘︎ 35
πŸ“°︎ r/privacytoolsIO
πŸ’¬︎
πŸ‘€︎ u/MOD3RN_GLITCH
πŸ“…︎ Feb 20 2021
🚨︎ report
Cross site scripting (XSS) in less than 2 minutes youtube.com/watch?v=MN8OR…
πŸ‘︎ 79
πŸ“°︎ r/netsecstudents
πŸ’¬︎
πŸ‘€︎ u/I_am_your_jesus
πŸ“…︎ Feb 21 2021
🚨︎ report
lets start a discussion on the potential of Cross Site Scripting (XSS) please.

I have been learning about XSS. Whilst learning I have seen that XSS can be demonstrated by displaying an alert on the web page after inputing some java script into a search bar etc. However this is far from malicous and so I am wondering what can actually be done with XSS. An idea I have is to host a malicious payload that gives a reverse shell on a web server and use XSS to call the reverse shell from the target website, would this even be possbile?

Please share your thoughts and knowledge about the potential of XSS please.

πŸ‘︎ 107
πŸ“°︎ r/HowToHack
πŸ’¬︎
πŸ‘€︎ u/SANCHO810
πŸ“…︎ Jan 16 2021
🚨︎ report
Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP) web.dev/strict-csp/
πŸ‘︎ 3
πŸ“°︎ r/webdev
πŸ’¬︎
πŸ‘€︎ u/feross
πŸ“…︎ Mar 15 2021
🚨︎ report
Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP) web.dev/strict-csp/
πŸ‘︎ 26
πŸ“°︎ r/Frontend
πŸ’¬︎
πŸ‘€︎ u/feross
πŸ“…︎ Mar 15 2021
🚨︎ report
WP GDPR Compliance <= 1.5.5 - Unauthenticated Cross-Site Scripting (XSS) vavkamil.cz/2021/02/16/wp…
πŸ‘︎ 9
πŸ“°︎ r/Wordpress
πŸ’¬︎
πŸ‘€︎ u/_vavkamil_
πŸ“…︎ Feb 24 2021
🚨︎ report
Mitigate cross-site scripting (XSS) with a strict Content Security Policy (CSP) web.dev/strict-csp/
πŸ‘︎ 4
πŸ“°︎ r/programming
πŸ’¬︎
πŸ‘€︎ u/feross
πŸ“…︎ Mar 15 2021
🚨︎ report
MyBB bis 1.8.25 Message Parser Cross Site Scripting phpsecure.info/go/180254.…
πŸ‘︎ 2
πŸ“°︎ r/phpAdvisories
πŸ’¬︎
πŸ‘€︎ u/tobozo
πŸ“…︎ Mar 16 2021
🚨︎ report
MyBB bis 1.8.25 Custom Moderator Tools Cross Site Scripting phpsecure.info/go/180249.…
πŸ‘︎ 2
πŸ“°︎ r/phpAdvisories
πŸ’¬︎
πŸ‘€︎ u/tobozo
πŸ“…︎ Mar 16 2021
🚨︎ report
MyBB OUGC Feedback 1.8.22 Cross Site Scripting phpsecure.info/go/180231.…
πŸ‘︎ 2
πŸ“°︎ r/phpAdvisories
πŸ’¬︎
πŸ‘€︎ u/tobozo
πŸ“…︎ Mar 16 2021
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.