eWeek

Microsoft to Update XSS Filter to Address Black Hat Attack

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...
Bleeping Computer

Microsoft Edge's XSS Filter Appears to Be Broken

A security feature that's included with the Microsoft Edge browser appears to have stopped working, according to Gareth Heyes, a security researcher with cyber-security firm PortSwigger. The security ...
Infosecurity-magazine.com

Researchers reveal Internet Explorer 8 XSS filtering flaw

David Lindsay, a researcher at software security company Cigital, presented a paper entitled 'Abusing Internet Explorer 8's XSS Filters' at the Black Hat conference in Barcelona, Spain. The pair ...
Threat Post

Bypass of Internet Explorer Cross-Site Scripting Filter Possible

Attackers are able to bypass the reflective cross-site scripting filter in Internet Explorer; the weakness is accepted by Microsoft as part of its design philosophy for the filter and will not be ...
Threat Post

Microsoft to Fix IE 8 XSS Filter Security Problems

On the heels of a Black Hat EU presentation that exposed security problems with the cross-site scripting (XSS) filter in Internet Explorer 8, Microsoft plans to ship an update to the filter to fix ...
Krebs on Security

Yahoo Email-Stealing Exploit Fetches $700

A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for ...
Graham Cluley

WYSIWYG editors could be an avenue for XSS attacks, warns researcher

Many websites have a WYSIWYG editor. You may not even realise that you are using one, but – if you think about it – chances are that many of the sites that you visit allow you make forum posts, ...