Searchenginejournal.com

WordPress Stored XSS Vulnerability – Update Now

WordPress announced a security update to fix two vulnerabilities that could provide an attacker with the opportunity to stage a full site takeover. Among the two vulnerabilities, the most serious one ...
Searchenginejournal.com

WordPress Discovers XSS Vulnerability – Recommends Updating To 6.5.2

WordPress announced the 6.5.2 Maintenance and Security Release update that patches a store cross site scripting vulnerability and fixes over a dozen bugs in the core and the block editor. The same ...
ZDNet

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

A stored cross-site scripting (XSS) vulnerability in the iCloud domain has reportedly been patched by Apple. Bug bounty hunter and penetration tester Vishal Bharad claims to have discovered the ...
ZDNet

Evernote for Windows patch resolves stored XSS vulnerability

Evernote has patched a flaw in the Microsoft Windows version of the app which permitted stored XSS attacks to occur. The vulnerability, CVE-2018-18524, has been resolved in Evernote for Windows 6.16.1 ...
Bleeping Computer

Netgear warns users to patch auth bypass, XSS router flaws

Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router ...