EUVD-2014-6120

Malware in sbrugna...

LinkedIn: Persistent XSS (unvalidated Open Graph embed) at LinkedIn.com

This report was previously published on Medium.com/@JonathanBouman. Follow me on Twitter or Medium for new reports. F361972 Proof of concept Background In my previous report we learned more about a special type of the persistent XSS attack; the unvalidated oEmbed attack. This attack allows us to...

[SECURITY] Fedora 25 Update: drupal7-metatag-1.21-1.fc25

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

[SECURITY] Fedora 24 Update: drupal7-metatag-1.21-1.fc24

The Metatag module allows you to automatically provide structured metadata, aka "meta tags", about your website. In the context of search engine optimization, when people refer to meta tags they are usually referring to the meta description tag and the meta keywords tag that may help improve the...

CVE-2014-6234

Cross-site scripting XSS vulnerability in the Open Graph protocol jhopengraphprotocol extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-6234

Cross-site scripting XSS vulnerability in the Open Graph protocol jhopengraphprotocol extension before 1.0.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-6234

CVE-2014-6234 is a Cross-Site Scripting (XSS) vulnerability in the TYPO3 Open Graph protocol extension (jh_opengraphprotocol) prior to version 1.0.2. The exploit vectors are not specified in the provided documents, but the issue allows remote attackers to inject arbitrary web script or HTML. The ...