The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: XSS vulnerability

This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs

This WhatsApp Bug Could Have Let Attackers Access Files On Your PCs
February 04, 2020Mohit Kumar
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways. When combined together, the reported issues could have even enabled hackers to remotely steal files from the Windows or Mac computer of a victim using the WhatsApp desktop app by merely sending a specially crafted message. Discovered by PerimeterX researcher Gal Weizman and tracked as CVE-2019-18426 , the flaws specifically resided in WhatsApp Web, a browser version of the world's most popular messaging application that also powers its Electron-based cross-platform apps for desktop operating systems. In a blog post published today, Weizman revealed that WhatsApp Web was vulnerable to a potentially dangerous open-redirect flaw that led to persistent cross-site scripting attacks, which could have been triggered by sending a s

Severe Flaw Disclosed In StackStorm DevOps Automation Software

Severe Flaw Disclosed In StackStorm DevOps Automation Software
March 11, 2019Mohit Kumar
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services. StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows developers to configure actions, workflows, and scheduled tasks, in order to perform some operations on large-scale servers. For example, you can set instructions (if this, then that) on Stackstorm platform to automatically upload network packet files to a cloud-based network analyze service, like CloudShark, in events when your security software detects an intrusion or malicious activity in the network. Since StackStorm executes actions—which can be anything, from the HTTP request to an arbitrary command—on remote servers or services that developers integrate for automated tasks, the pl

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately

Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately
April 19, 2018Swati Khandelwal
It's time to update your Drupal websites, once again. For the second time within a month , Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. Discovered by the Drupal security team, the open source content management framework is vulnerable to cross-site scripting (XSS) vulnerability that resides in a third-party plugin CKEditor which comes pre-integrated in Drupal core to help site administrators and users create interactive content. CKEditor is a popular JavaScript-based WYSIWYG rich text editor which is being used by many websites, as well as comes pre-installed with some popular web projects. According to a security advisory released by CKEditor, the XSS vulnerability stems from the improper validation of " img " tag in Enhanced Image plugin for CKEditor 4.5.11 and later versions. This could allow an attacker to

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack
October 11, 2017Swati Khandelwal
As part of its "October Patch Tuesday," Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild. Security updates also include patches for Microsoft Windows operating systems, Internet Explorer, Microsoft Edge, Skype, Microsoft Lync and Microsoft SharePoint Server. Besides the MS Office vulnerability, the company has also addressed two other publicly disclosed (but not yet targeted in the wild) vulnerabilities that affect the SharePoint Server and the Windows Subsystem for Linux. October patch Tuesday also fixes a critical Windows DNS vulnerability that could be exploited by a malicious DNS server to execute arbitrary code on the targeted system. Below you can find a brief technical explanation of all above mentioned critical and important vulnerabilities. Microsoft Office Memory Corruption Vulnerability (CVE-2017-11826) T

Yahoo Flaw Allowed Hackers to Read Anyone's Emails

Yahoo Flaw Allowed Hackers to Read Anyone's Emails
December 08, 2016Swati Khandelwal
Yahoo has patched a critical security vulnerability in its Mail service that could have allowed an attacker to spy on any Yahoo user's inbox. Jouko Pynnönen, a Finnish Security researcher from security firm Klikki Oy, reported a DOM based persistent XSS (Cross-Site Scripting) in Yahoo mail, which if exploited, allows an attacker to send emails embedded with malicious code. In his blog post published today, the researcher demonstrated how a malicious attacker could have sent the victim's inbox to an external site, and created a virus that attached itself to all outgoing emails by secretly adding a malicious script to message signatures. Since the malicious code is in the message's body, the code will get executed as soon as the victim opens the boobytrapped email and its hidden payload script will covertly submit victim's inbox content to an external website controlled by the attacker. This issue is because Yahoo Mail failed to properly filter potentially malici

Hacker reports Vulnerability in Mr. Robot Season 2 Website

Hacker reports Vulnerability in Mr. Robot Season 2 Website
May 12, 2016Swati Khandelwal
Mr. Robot was the biggest 'Hacking Drama' television show of 2015 and its second season will return to American TV screens on Wednesday 13th of July 2016. However, the new promotional website for season two of Mr. Robot has recently patched a security flaw that could have easily allowed a hacker to target millions of fans of the show. A White Hat hacker going by the alias Zemnmez discovered a Cross-Site Scripting (XSS) vulnerability in Mr. Robot website on Tuesday, the same day Mr. Robot launched a promo for its second series. The second season of the television show had already received praise from both critics and viewers for its relatively accurate portrayal of cyber security and hacking, something other cyber crime movies and shows have failed at badly. The new series also features a surprising yet welcome guest: President Barack Obama , who is giving a speech about a cyber threat faced by the nation. The flaw Zemnmez discovered on the show's website coul

Simple Yet Effective eBay Bug Allows Hackers to Steal Passwords

Simple Yet Effective eBay Bug Allows Hackers to Steal Passwords
January 12, 2016Swati Khandelwal
A simple, yet effective flaw discovered on eBay's website exposed hundreds of millions of its customers to an advance  Phishing Attack . An Independent Security Researcher reported a critical vulnerability to eBay last month that had the capability to allow hackers to host a fake login page, i.e. phishing page, on eBay website in an effort to steal users' password and harvest credentials from millions of its users. The researchers, nicknamed MLT , said anyone could have exploited the vulnerability to target eBay users in order to take over their accounts or harvest thousands, or even millions, of eBay customers credentials by sending phishing emails to them. MLT published a blog post about the eBay flaw on Monday, demonstrating how easy it is to exploit the flaw like this and steal customers' passwords. Here's How ebay Hack Works The flaw actually resided in the URL parameter that allowed the hacker to inject his iFrame on the legitimate eBay

200 Million WhatsApp Users Vulnerable to vCard Vulnerability

200 Million WhatsApp Users Vulnerable to vCard Vulnerability
September 09, 2015Swati Khandelwal
WhatsApp recently claimed to have hit 900 Million monthly active users , but a dangerous security flaw in the web version of the popular instant messaging app puts up to 200 Million of its users at risk . Yes, the web-based extension of WhatsApp is vulnerable to an exploit that could allow hackers to trick users into downloading malware on their computers in a new and more sophisticated way. WhatsApp made its web client, WhatsApp Web , available to iPhone users just last month, after first rolling out its web-based instant messaging service for Android, Windows and BlackBerry Phone earlier in the year. Similar to Facebook Messenger, WhatsApp Web is an effective way to experience the mobile app in a web browser, allowing you to view all of the conversations you have made with your friends – including images, audio files, videos, GPS location and contact cards – straight on your PCs. However, a security flaw discovered by Check Point's security researcher Kasif

PayPal Vulnerability Allows Hackers to Steal All Your Money

PayPal Vulnerability Allows Hackers to Steal All Your Money
August 27, 2015Swati Khandelwal
A critical security vulnerability has been discovered in the global e-commerce business PayPal that could allow attackers to steal your login credentials , and even your credit card details in unencrypted format. Egypt-based researcher Ebrahim Hegazy discovered a Stored Cross Site Scripting (XSS) vulnerability in the Paypal's Secure Payments domain. As it sounds, the domain is used to conduct secure online payments when purchasing from any online shopping website. It enables buyers to pay with their payment cards or PayPal accounts, eliminating the need to store sensitive payment information. However, it is possible for an attacker to set up a rogue online store or hijacked a legitimate shopping website, to trick users into handing over their personal and financial details. How the Stored XSS Attack Works? Hegazy explains a step by step process in his blog post , which gives a detailed explanation of the attack. Here's what the researcher calls the worst attack scenario:

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability

WordPress 4.2.3 Security Update Released, Patches Critical Vulnerability
July 23, 2015Swati Khandelwal
WordPress has just released the new version of its content management system (CMS), WordPress version 4.2.3 , to fix a critical security vulnerability that could have been exploited by hackers to take over websites, affecting the security of its Millions of sites. WordPress version 4.2.3 resolves a Cross-Site Scripting (XSS) flaw that could allow any user with the Contributor or Author role to compromise a website, Gary Pendergast of the WordPress team wrote in a blog post on Thursday. Cross-site scripting is actually a vulnerability in the Web applications' code that opens up the target website to attacks. The vulnerability is one of the most favorite and commonly used flaws by cyber criminals. According to the company, the vulnerability could allow hackers to embed maliciously-crafted HTML, JavaScript, Flash, or other code to bypass WordPress's kses protection by fooling users into executing a malicious script on their computer system. This, in turn, le

WordPress Vulnerability Puts Millions of Websites At Risk

WordPress Vulnerability Puts Millions of Websites At Risk
May 07, 2015Swati Khandelwal
Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting (XSS) vulnerability present in the default installation of the widely used content management system. The cross-site scripting (XSS) vulnerability, uncovered by the security researcher reported by Robert Abela of Security firm  Netsparker . Wordpress vulnerability resides in Genericons webfont package that is part of default WordPress Twenty Fifteen Theme. Here comes the threat: The XSS vulnerability has been identified as a " DOM-based ," which means the flaw resides in the document object model (DOM) that is responsible for text, images, headers, and links representation in a web browser. The easy-to-exploit DOM-based Cross-Site Scripting (XSS) vulnerability occurred due to an insecure file included with Genericons that allowed the Document Object Model Environment in the victim's browser to be modified. What's DOM-Bas

'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability

'Google Analytics by Yoast' WordPress Plugin Patches Critical Vulnerability
March 21, 2015Wang Wei
Another popular WordPress plugin by Yoast has been found to be vulnerable to a critical flaw that could be exploited by hackers to hijack the affected website. The critical vulnerability actually resides in the highly popular Google Analytics by Yoast plugin, which allows WordPress admins to monitor website traffic by connecting the plugin to their Google Analytics account. The Google Analytics by Yoast WordPress plugin has been downloaded nearly 7 Million times with more than 1 million active installs, which makes the issue rather more serious. A week back, we reported that all the versions of ' WordPress SEO by Yoast ' was vulnerable to Blind SQL Injection web application vulnerability that allowed an attacker to execute arbitrary payload on the victim WordPress site in order to take control of it. However, the Google Analytics by Yoast plugin is vulnerable to persistent cross-site scripting (XSS) vulnerability that allows hackers to execute malicious PHP code on the server, whic

Microsoft Internet Explorer Universal Cross-Site Scripting Flaw

Microsoft Internet Explorer Universal Cross-Site Scripting Flaw
February 04, 2015Swati Khandelwal
A serious vulnerability has been discovered in all the latest versions of Microsoft's Internet Explorer that allows malicious hackers to inject malicious code into users' websites and steal cookies, session and login credentials. UNIVERSAL XSS BUG WITH SAME ORIGIN POLICY BYPASS The vulnerability is known as a Universal Cross Site Scripting (XSS) flaw. It allows attackers to bypass the Same-Origin Policy, a fundamental browser security mechanism, in order to launch highly credible phishing attacks or hijack users' accounts on any website. The Same Origin Policy is one of the guiding principles that seek to protect users' browsing experience. SOP actually prevents one site from accessing or modifying the browser properties, such as cookies, location, response etc, by any other site, ensuring that no third-party can inject code without the authorization of the owner of the website. DEMONSTRATION Recently, a proof-of-concept exploit published by a group, known as Deusen, sho

Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication

Google Apps Flaw Allowed Hacker to Hijack Account and Disable Two-factor Authentication
January 23, 2015Wang Wei
A critical cross-site scripting ( XSS ) vulnerability in the Google Apps administrator console allowed cyber criminals to force a Google Apps admins to execute just about any request on the https://admin.google.com/ domain. The Google Apps admin console allows administrators to manage their organization's account. Administrators can use the console to add new users, configure permissions, manage security settings and enable Google services for your domain. The feature is primarily used by many businesses, especially those using Gmail as the e-mail service for their domain. The XSS flaw allowed attackers to force the admin to do the following actions: Creating new users with "super admin" rights Disabling two-factor authentication ( 2FA ) and other security measures from existing accounts or from multiple domains Modifying domain settings so that all incoming e-mails are redirected to addresses controlled by the attacker Hijack an account/email by resett

Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk

Alibaba Marketplace Vulnerability Puts Millions Of Shoppers at Risk
December 12, 2014Wang Wei
Alibaba Group has patched a major security vulnerability in one of its e-commerce portals that exposed account details of tens of millions of Merchants and shoppers to cyber criminals. An Israeli application security firm, AppSec Labs, found a Cross site scripting (XSS) vulnerability in AliExpress, the company's English language e-commerce site that was found vulnerable to similar flaw a week ago that compromised personal information of Alibaba customers. The flaw was fixed shortly after Cybermoon security firm disclosed it to Alibaba. AliExpress is an online marketplace owned by Chinese E-Commerce giant Alibaba.com, also known as Google of China. The company serves more than 300 Million active users from more than 200 countries including the U.S., Russia and Brazil. But the critical vulnerability found by the researcher could allow an attacker to hijack merchant's account. Using AliExpress XSS vulnerability an attacker can inject any malicious payload script as value

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google

Firing Range — Open Source Web App Vulnerability Scanning Tool From Google
November 20, 2014Wang Wei
Google on Tuesday launched a Security testing tool "Firing Range" , which aimed at improving the efficiency of automated Web application security scanners by evaluating them with a wide range of cross-site scripting (XSS) and a few other web vulnerabilities seen in the wild. Firing Range basically provides a synthetic testing environment mostly for cross-site scripting (XSS) vulnerabilities that are seen most frequently in web apps. According to Google security engineer Claudio Criscione, 70 percent of the bugs in Google's Vulnerability Reward Program are cross-site scripting flaws . In addition to XSS vulnerabilities , the new web app scanner also scans for other types of vulnerabilities including reverse clickjacking , Flash injection , mixed content, and cross-origin resource sharing vulnerabilities. Firing Range was developed by Google with the help of security researchers at Politecnico di Milano in an effort to build a test ground for automated scanners

Malicious Kindle Ebook Let Hackers Take Over Your Amazon Account

Malicious Kindle Ebook Let Hackers Take Over Your Amazon Account
September 17, 2014Mohit Kumar
If you came across a Kindle e-book download link from any suspicious sources or somewhere other than Amazon itself, check twice before you proceed download. As downloading an eBook could put your personal information at risk. A security researcher has uncovered a security hole in Amazon's Kindle Library that could lead to cross-site scripting ( XSS ) attacks and account compromises when you upload a malicious ebook. AMAZON CREDENTIALS – BOON FOR HACKERS The flaw affects the " Manage Your Content and Devices " and " Manage your Kindle " services in Amazon's web-based Kindle Library, which could allow a hacker to inject and hide malicious lines of code into into e-book metadata, such as the title text of an eBook, in order to compromise the security of your Amazon account. Gaining access to your Amazon account credentials is one of the biggest boons for hackers, as they can set-up new credit cards in your account or max out the current ones on file with some big

Flickr Cross-Site Request Forgery Vulnerability Patched

Flickr Cross-Site Request Forgery Vulnerability Patched
August 06, 2014Wang Wei
Yahoo-owned Flickr, one of the biggest online photo management and sharing website in the world was recently impacted by a web application vulnerability , which could allow an attacker to modify users' profile image. Flickr is one of the most popular photo sharing website with more than 87 million users, therefore some top major target for cybercriminals. The site was vulnerable to the most common vulnerability known as Cross-Site Request Forgery (XSRF or CSRF), which is very easy to exploit by attackers. Cross-Site Request Forgery is a method of attacking a Web site in which an intruder masquerades as a legitimate and trusted user. All the attacker need to do is get the target browser to make a request to your website on their behalf. If they can either: Convince your users to click on a HTML page they've constructed Insert arbitrary HTML in a target website that your users visit Not too difficult, is it? Abdullah Hussam , a 17 years old programmer from Iraq found that just

Yahoo Toolbar Vulnerability Triggers Non-Exploitable XSS Payload on All Websites

Yahoo Toolbar Vulnerability Triggers Non-Exploitable XSS Payload on All Websites
June 10, 2014Wang Wei
Yahoo offers a web browser toolbar which includes apps for leading sites like Facebook, Yahoo! Mail, Weather and News. Yahoo Toolbar also known as Y! Toolbar is available for Internet Explorer, Firefox and Google Chrome web browsers. Yahoo Toolbar is one of the most popular and widely installed web browser add-on/extension. Many popular softwares like Java Update and thousands of free software including some Antivirus products promote Yahoo toolbar and bundled it into their installer files. A vulnerability has been reported in Yahoo Toolbar by Security Researcher Behrouz SAdeghipour , which causes cross site scripting flaw on popular websites like Flickr, Yahoo, Google, Pinterest, Youtube, Amazon, Twitter and many more. Yahoo Toolbar vulnerability triggers all previous non-exploitable XSS payloads on popular websites as shown below in multiple screenshots provided by Behrouz to The Hacker News .  The vulnerability resides in the way Toolbar intercept and

Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk

Vulnerabilities in 'All in One SEO Pack' Wordpress Plugin Put Millions of Sites At Risk
May 31, 2014Wang Wei
Multiple Serious vulnerabilities have been discovered in the most famous ' All In One SEO Pack ' plugin for WordPress, that put millions of Wordpress websites at risk. WordPress is easy to setup and use, that's why large number of people like it. But if you or your company is using ' All in One SEO Pack ' Wordpress plugin to optimize the website ranking in search engines, then you should update your SEO plugin immediately to the latest version of All in One SEO Pack 2.1.6 . Today, All in One SEO Pack plugin team has released an emergency security update that patches two critical privilege escalation vulnerabilities and one cross site scripting (XSS) flaw, discovered by security researchers at Sucuri, a web monitoring and malware clean up service. More than 73 million websites on the Internet run their websites on the WordPress publishing platform and more than 15 million websites are currently using All in One SEO Pack plugin for search engine optimization. Acco
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.