Attackers can exploit a cross-site scripting vulnerability in Citrix's Netscaler ADCs and Gateways. Updates close it.

Vendors (still) keep mum An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine ...

The patch fixed an issue that could lead to a Stored Cross-Site Scripting exploit that allows an attacker to upload malicious files to a website server where it can be activated when a user visits the ...

ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability in the Roundcube Webmail server. The new ...

Industrial giants Siemens, Schneider Electric, Rockwell Automation, and Aveva have released Patch Tuesday advisories.

Remote monitoring and management (RMM) platform ConnectWise has patched a cross-site scripting (XSS) vulnerability that could lead to remote code execution (RCE). Security researchers at Guardio Labs ...

Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than 40,000 active ...

As Russia's invasion of Ukraine continues, so too have its cyberattacks against the country. Security firm ESET recently published research on what it called "Operation RoundPress," a cyber-espionage ...

A newly discovered cross-site scripting (XSS) vulnerability in Grafana — a widely used open-source analytics and visualization platform for developers — has put thousands of servers at risk of ...