X (Formerly Twitter): XSS and Open Redirect on MoPub Login

Summary: I found open redirect at the MoPub login page, https://app.mopub.com/login?next=https://google.com. It also allows javascript URIs, leading to XSS. Description: You can modify the "next" URL parameter to redirect to any website upon logging in on MoPub. Steps To Reproduce: 1. Take this...

Internet Explorer vulnerable to Cookie-jacking

Internet Explorer vulnerable to Cookie-jacking A security researcher has devised an attack that remotely steals digital credentials used to access user accounts on Facebook and other websites by exploiting a flaw in Microsoft's Internet Explorer browser. Independent researcher Rosario Valotta...