Zimbra urges customers to patch critical web client XSS flaw
The Zimbra security team urged customers to patch a critical vulnerability affecting the Classic Web Client used to access the Zimbra Collaboration suite. [...]
Read the full articleYou might also wanna read
Zimbra urges customers to patch critical web client XSS flaw
A critical cross-site scripting (XSS) vulnerability affects the Classic Web Client of the Zimbra Collaboration suite. The Zimbra security te
Fixing `marked` XSS vulnerability
A recently published vulnerability in the npm `marked` package shows how attackers can use the flexibility of the Markdown format to introdu
CVE-2026-15285: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in posimyththemes The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce
The Plus Addons for Elementor WordPress plugin contained a stored cross-site scripting (XSS) vulnerability in the Button widget's custom_att
Security Researchers Discover Critical XSS Vulnerabilities in Mintlify Platform Affecting Major Tech Companies
How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack - writeup.md
CVE-2026-15298: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pechenki TelSender – Сontact form 7, Events, Wpforms, ninja forms and woocommerce to telegram bot
The TelSender WordPress plugin is vulnerable to a DOM-Based Cross-Site Scripting (XSS) flaw in all versions up to and including 1.14.14. Thi

WAF - WAF Release - 2025-09-08
This week's update This week’s focus highlights newly disclosed vulnerabilities in web frameworks, enterprise applications, and widely deplo

Comments
Sign in to join the conversation.
No comments yet. Be the first.