cross-site scripting

Looking Back: The 2009 Facebook Security and Privacy Debacles #privacy #podcast

Facebook Flaws and Privacy Laws: A Journey into Early Social Media Security from 2009

| | 2009, cross-site scripting, Cyber Security, Cyber Security Podcast, cyber threat, Cybersecurity, Data Privacy, Digital Privacy, Early Social Media, Episodes, facebook, Information Security, Infosec, internet security, online safety, Podcast, Podcasts, Privacy, privacy laws, security, Social Media Awareness, Social Media Risks, Social Media Security, Tech Podcast, technology, Weekly Edition, XSS
Join hosts Tom Eston, Scott Wright, and Kevin Johnson in a special best-of episode of the Shared Security Podcast. Travel back to 2009 with the second-ever episode featuring discussions on early Facebook ...
Shared Security Podcast
ADR Report | Application Detection and Response Trends | Contrast Labs

ADR Report | Application Detection and Response Trends | Contrast Labs

| | .net, .net application, API security, Application Detection and Response (ADR), attacks, cross-site scripting, cyberattacks, method tampering, Perimeter defenses, sql injection, XSS
In a startling finding, Contrast Security Application Detection and Response stopped tens of thousands of attacks that made it past perimeter defenses on a single application in mid-January 2025.  ...
AppSec Observer
ADR Report | Application Detection and Response Trends | Contrast Labs

ADR Report | Application Detection and Response Trends | Contrast Labs

| | .net, .net application, API security, Application Detection and Response (ADR), attacks, cross-site scripting, cyberattacks, method tampering, Perimeter defenses, sql injection, XSS
In a startling finding, Contrast Security Application Detection and Response stopped tens of thousands of attacks that made it past perimeter defenses on a single application in mid-January 2025.  ...
AppSec Observer
Security Flaw in CoCalc: One Click and Your Cloud is Ruined

Security Flaw in CoCalc: One Click and Your Cloud is Ruined

| | Cloud, cross-site scripting, csp, Imperva Threat Research, vulnerability
TL;DR Imperva Threat Research discovered and reported a security flaw in the CoCalc Cloud environment. The flaw enabled potential attackers to completely take over a target’s account with only a single click ...
Blog
Zimbra XSS vulnerability blocked by WAF

Understanding the Zimbra Cross-Site Scripting Flaw (CVE-2023-37580)

| | cross-site scripting, security bulletin, Zimbra XSS Vulnerability
The Zimbra XSS vulnerability allows an attacker to impact the confidentiality and integrity of the user's data. Understand how to find & fix this flaw. The post Understanding the Zimbra Cross-Site Scripting ...
Indusface
JavaScript in Android Application

Execution of Arbitrary JavaScript in Android Application

| | Application Security, cross-site scripting, Cyber Security, deep links, WebView, Write-up
In this blog, we will learn about the possible ways to find cross-site scripting by abusing JavaScript in Android applications. Cross-site scripting (XSS) in an Android application occurs when an attacker successfully ...
WeSecureApp :: Simplifying Enterprise Security
Reflected Cross site scripting attacks

What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices

| | Application Security, cross-site scripting, Types of XSS, XSS Attack Prevention
Cross-Site Scripting (XSS) is a security vulnerability that allows an attacker to inject malicious code into a web page viewed by other users, usually in a script. The post What is Cross-Site ...
Indusface
Bypassing Akamai’s Web Application Firewall Using an Injected Content-Encoding Header

Bypassing Akamai’s Web Application Firewall Using an Injected Content-Encoding Header

| | CRLF injection vulnerability, cross-site scripting, Labs, Web Application Firewall
During a recent Chariot customer pilot we identified an interesting method to bypass the cross-site scripting (XSS) filtering functionality within the Akamai Web Application Firewall (WAF) solution. Chariot had identified a Carriage ...
Blog - Praetorian

Out with the WAF, in with the WAAP

| | , advanced bot protection, API security, Application Security, bad bots, cross-site scripting, DDoS Protection, Digest, OWASP Top 10, sql injection, WAAP
Advanced attacks call for advanced protection Bad actors are constantly discovering new attack vectors to exploit applications. To meet the threat, organizations need enterprise-level security more now than ever. Traditionally, implementing a ...
Blog

Why a Resilient Content Delivery Network (CDN) is Key to Website Performance

| | API security, Application Security, bad bots, clickjacking, content delivery network, Content Optimization, cross-site scripting, ddos, Digest, global site load balancing, Smart Cache, Waiting Room, Web Application Firewall
Today’s online users have built-up certain standards of quality when visiting a website. They expect a high performance website with fast page load times and easily accessible, fresh and dynamic content. They ...
Blog
Load more