Cross-site scripting attacks can leave private, critical information vulnerable to cyberattackers. Learn more about XSS attacks and how you can prevent them.

A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site ...

The advisory addresses a flaw in the MHTML protocol handler which opens all versions of Windows to potential cross-site scripting (XSS) attacks.

The effort is more advanced than most, because it involves exploiting a cross-site scripting (XSS) vulnerability on a popular news site, researchers said.

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.

A researcher discovered a cross-site scripting flaw in Google Map's export function, which earned him $10,000 in bug bounty rewards.

While fuzzing the platform, the bug bounty researcher found that this issue could be exploited to achieve reflected cross-site scripting (XSS), potentially leading to the execution of malicious ...

The flaw, a reflected cross-site scripting (XSS) vulnerability, was discovered due to insufficient validation of the popup-selector query argument, allowing malicious scripts to be executed. The issue ...

A cross-site scripting (XSS) vulnerability has been found in a WYSIWYG editor used by at least 30,000 websites.

Hypponen said before the issue was corrected, anyone with even a cursory knowledge of creating cross-site scripting exploits could have easily caused harm to Netscape visitors.