WindowsForum

WindowsForum

Users
Tweets

WindowsForum

@windowsforum

Jun 9

🪟 SharePoint “XSS spoofing” isn’t RCE, but it’s still the digital equivalent of putting on someone else’s name tag. Patch SharePoint Server 2016/2019 fast—trust won’t clean itself. windowsforum.com/threads/cve… #PatchManagement #SharepointSecurity #Cve202645468 #CrossSiteScripting

Sienna Web Designs

Sienna Web Designs @siennawebdesign

May 5

#WordPress #GravityForms Plugin <= 2.10.0 is #vulnerable to multiple #mediumpriority #CrossSiteScripting (#XSS) Ask us about our Virtual Webmaster services if you don't have someone monitoring your #website(s) for #vulnerabilities. patchstack.com/database/word…

Cross Site Scripting (XSS) in WordPress Gravity Forms Plugin

Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

patchstack.com

Cybersecurity News Everyday

Cybersecurity News Everyday

@TweetThreatNews

Apr 24

Over 10,500 Zimbra servers remain vulnerable to CVE-2025-48700, an XSS flaw exploited by APT28 and APT29 in targeted phishing and mass intrusions. CISA lists it in KEV for federal patching. #ZimbraServer #CrossSiteScripting #USA ift.tt/2wUiK1T

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite instances remain exposed and vulnerable to active exploitation of a cross-site scripting flaw tracked as CVE-2025-48700, Shadowserver warns. CISA has added the...

hendryadrian.com

790

Sienna Web Designs

Sienna Web Designs @siennawebdesign

Mar 17

#WordPress #GravityForms Plugin <= 2.9.28 is #vulnerable to a medium priority #CrossSiteScripting (#XSS) This #vulnerability is moderately dangerous and expected to become exploited. We advise to mitigate or resolve the vulnerability immediately. patchstack.com/database/word…

Cross Site Scripting (XSS) in WordPress Gravity Forms Plugin

Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

patchstack.com

Muhammad Huzaifa

Muhammad Huzaifa @Hunter_Huzaifa_

Feb 25

XSS ➝ Privilege Escalation ➝ Full Tenant Takeover 🚨 #XSS #CrossSiteScripting #WebSecurity #AppSec #ApplicationSecurity #OWASP #BugBounty #EthicalHacking #InfoSec #PenTesting #RedTeam #BlueTeam #SecureCoding #BugBounty

2,131

CySecurity News

CySecurity News @EHackerNews

Feb 5

Foxit Publishes Security Patches for PDF Editor Cloud XSS Bugs cysecurity.news/2026/02/foxi… #CloudSecurity #CrossSiteScripting #CVE20261591

384

InfoSec Community

InfoSec Community

@InfoSecComm

30 Dec 2025

🚨 New Writeup Alert! 🚨 "Google Appspot XSS CTF Walkthrough " by Aditya Bhatt is now live on IW! Check it out here: infosecwriteups.com/1c0f32df… #cybersecurity #crosssitescripting #google #ctf #xs

Google Appspot XSS CTF Walkthrough 🎯

XSS, DOM Manipulation, Input Reflection — A complete step-by-step walkthrough of Google’s XSS Game demonstrating real-world cross-site…

infosecwriteups.com

1,432

InfoSec Community

InfoSec Community

@InfoSecComm

29 Dec 2025

🚨 New Writeup Alert! 🚨 " DOM XSS Using Web Messages and Javascript URL (window.postMessage → innerHTML Sink)" by Aditya Bhatt is now live on IW! Check it out here: infosecwriteups.com/e5db2a0f… #burpsuite #crosssitescripting #ctf #xs #cybersecurity

🎯 DOM XSS Using Web Messages and Javascript URL (window.postMessage → innerHTML Sink)

DOM XSS via Web Messages: Exploits unsafe postMessage handling and innerHTML injection to execute arbitrary JavaScript.

infosecwriteups.com

979

InfoSec Community

InfoSec Community

@InfoSecComm

13 Dec 2025

🚨 New Writeup Alert! 🚨 " Stored Cross-Site Scripting: HTML Context (Nothing Encoded)" by Aditya Bhatt is now live on IW! Check it out here: infosecwriteups.com/1f63a389… #storedxss #burpsuite #crosssitescripting #cybersecurity #xs

🎯 Stored Cross-Site Scripting: HTML Context (Nothing Encoded)

Stored XSS occurs when malicious input is saved on the server and executed every time a user loads the affected page.

infosecwriteups.com

1,685

ExcellencE

ExcellencE @excellenc_e

9 Dec 2025

XSS(Cross-Site Scripting) Saldırılarının Üç Türü XSS :) Severiz :) #CyberSecurity #XSS #CrossSiteScripting #EtikHacker #EthicalHacking #WebSecurity #Pentest #InfoSec #HackerMindset #SecureCoding #Exploit

1:00

258

Wordfence

Wordfence

@wordfence

4 Nov 2025

How To Prevent XSS Attacks On WordPress Sites #xss #crosssitescripting #wordpress

1:47

How To Prevent XSS Attacks On WordPress Sites

545

netzpalaver

netzpalaver

@netzpalaver

20 Aug 2025

Lenovo-Chatbot Lena - Kritische XSS-Schwachstellen offenbaren fatale Sicherheitslücken in KI-Implementierungen Lenovo wollte mit seinem KI-Chatbot Lena eigentlich den Kundenservice modernisieren. Stattdessen öffnete die digitale Assistentin ein Einfallstor für Angriffe, die bis hin zum Diebstahl sensibler Daten und der Kompromittierung interner Systeme reichen konnten. Cybernews-Forscher entdeckten gleich mehrere kritische XSS-Schwachstellen, die ein erschreckendes Licht auf den Umgang mit Sicherheit in KI-gestützten Services werfen. #AI #ArtificialIntelligence #Chatbot #Compliance #CrossSiteScripting @Cybernews #Cybernews #Cybersecurity #Cybersicherheit #Haftung #künstlicheIntelligenz #PromptInjection netzpalaver.de/2025/08/20/le…

1:38

netzpalaver

@netzpalaver

20 Aug 2025

Lenovo-Chatbot Lena - Kritische XSS-Schwachstellen offenbaren fatale Sicherheitslücken in KI-Implementierungen #AI #ArtificialIntelligence #Chatbot #Compliance #CrossSiteScripting @Cybernews #Cybersecurity #Cybersicherheit #Haftung #künstlicheIntelligenz #PromptInjection netzpalaver.de/2025/08/20/le…

136

netzpalaver

netzpalaver

@netzpalaver

20 Aug 2025

227

InfoSec Community

InfoSec Community

@InfoSecComm

8 Aug 2025

🚨 New Writeup Alert! 🚨 "Exploiting XSS to Bypass CSRF Defenses: Change Victim’s Email" by Bash Overflow is now live on IW! Check it out here: infosecwriteups.com/dcdcbfe1… #bugbountytips #storedxsscsrfbypass #exploitingxsscsrf #crosssitescripting #bugbounty

Exploiting XSS to Bypass CSRF Defenses: Change Victim’s Email

Learn how a stored XSS flaw can be weaponized to defeat CSRF defenses and perform unauthorized actions on behalf of users.

infosecwriteups.com

805

InfoSec Community

InfoSec Community

@InfoSecComm

4 Aug 2025

🚨 New Writeup Alert! 🚨 "Reflected XSS with Some SVG Markup Allowed" by Bash Overflow is now live on IW! Check it out here: infosecwriteups.com/65e24224… #bugbounty #reflectedxss #svginjection #crosssitescripting #bypassingxssfilters

Reflected XSS with Some SVG Markup Allowed

Learn how reflected cross-site scripting (XSS) vulnerabilities still succeed in filtered environments using SVG tags.

infosecwriteups.com

869

InfoSec Community

InfoSec Community

@InfoSecComm

2 May 2025

🚨 New Writeup Alert! 🚨 "Helicopter Administrators — 247CTF solution writeup" by Adithya M S is now live on IW! Check it out here: infosecwriteups.com/bc2f359b… #websecurity #crosssitescripting #capturetheflag #recon #sqlinjection

Helicopter Administrators — 247CTF solution writeup

A detailed and insightful solution writeup on the challenge Helicopter Administrators on 247CTF

infosecwriteups.com

917

Sucuri Security

Sucuri Security

@sucurisecurity

28 Apr 2025

What is Cross-Site Scripting (XSS)? XSS attacks can inject malicious scripts into your website. Learn how to protect your site with our guide ➡️ sucur.it/3Gr5LVp  #XSS #CrossSiteScripting #WebsiteSecurity #CyberSecurity #StaySecure #Sucuri #WebAppSecurity

What is Cross-Site Scripting?

Learn what XSS attacks are, how cross-site scripting attacks work, the types of XSS attacks that exist, XSS attack examples, and how to protect your website against cross-site scripting attacks.

sucuri.net

268