Security Alerts & News
by Tymoteusz A. Góral

History
#1673 Wix.com security flaw places millions of websites at risk
An XSS vulnerability discovered on the Wix.com platform is putting millions of websites and their users at risk of attack.

The website hosting provider, which provides free drag-and-drop website building tools, hosts millions of websites with 87 million registered users -- and all of which are currently vulnerable to an XSS bug which can be utilized by attackers to create worms capable of taking over administrator accounts. This, in turn, gives attackers full control over websites.

On Wednesday, Matt Austin, security research engineer with Contrast Security, said in a blog post that Wix.com has a severe DOM XSS vulnerability which can be exploited by simply adding a single parameter to any site created on Wix.com.
Read more
#1673 Wix.com security flaw places millions of websites at risk
#1672 Teen pleads guilty to creating DDoS tool used in 1.7 million attacks
#1671 Mirai botnet attackers are trying to knock an entire country offline
#1670 Cisco patches critical bugs in 900 series routers, prime home server
#1669 Outlook web access two-factor authentication bypass exists
#1668 GitLab patches command execution vulnerability
#1667 Cisco job applicants warned of potential mobile site data leak
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12