PC World

Cross-Site Scripting: An Old Problem Returns

Illustration by Mark Todd In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...
CSOonline

What is XSS? Cross-site scripting attacks explained

Cross-site scripting (XSS) is a cyberattack in which a hacker enters malicious code into a web form or web application url. This malicious code, written in a scripting language like JavaScript or PHP, ...
CSOonline

What’s old is new again: AI is bringing XSS vulnerabilities back to the spotlight

Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and ...
heise online

Web-Security: With Content Security Policy against Cross-Site Scripting, Part 2

Cross-site scripting (XSS) remains one of the most common security threats to web applications. Despite advanced protection mechanisms, attackers continue to find new ways to exploit XSS ...