Reverb.com: Stored xss in shop name @ lp.reverb.com

hello team, There is a stored xss in lp.reverb.com. Attacker can inject malicious script into server while adding shop name as lll"alert'xss';. Exploit: https://lp.reverb.com/shops/faniyos-boutique/listings Steps to reproduce: 1. Navogate to https://reverb.com/my/lpshop/edit 2. Change your lp sho...

URL Shorteners Put Private Cloud Data at Risk

URL shorteners are convenient, but for a long time gave security practitioners anxiety because it was difficult to determine where the shortened address was taking you. Two researchers have now given you new reasons to fear URL shorteners, especially for those storing and sharing data on...