From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a ...
ExtremeTech

Steam patches flaw that exposed user profiles to drive-by attacks

Yesterday, news broke that Steam was affected by a cross-site scripting vulnerability that could compromise Steam account safety or be used to steal user data. The problem has since been corrected, ...