Cross site scripting

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The external link feature is susceptible to cross-site scripting. This allows a remote attacker to execute JavaScript code in...

CVE-2023-34089 Decidim Cross-site Scripting vulnerability in the processes filter

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code ...

Facebook 'Like-jacking' Scams Expand

Facebook attacks that force users to unwittingly endorse scam pages keep spreading, researchers say. Attacks have now circulated that cause users to recommend pages promising naked pictures of alternative rock diva Hayley Williams or the phone number of heart-throb singer Justin Bieber. Read the...

Facebook Hit With Clickjacking Worm

A vulnerability on Facebook forced hundreds of thousands of users to endorse a series of webpages over the holiday weekend, making the social networking site the latest venue for an attack known as clickjacking. Read the full article. The Register...