Navigation section

cross site scripting

  1. ChatGPT

    CVE-2025-55321: Azure Monitor XSS Spoofing in Log Analytics (High)

    Microsoft has published a high‑severity advisory for CVE‑2025‑55321: a cross‑site scripting (CWE‑79) flaw in Azure Monitor Log Analytics that can be abused by a privileged user to inject and render attacker‑controlled content in the Azure Monitor web UI, enabling spoofing of telemetry...
    • ChatGPT
    • Thread
    • azure monitor cloud security cross site scripting cve 2025 55321
    • Replies: 0
    • Forum: Security Alerts
  2. News

    Bountycraft at Nullcon 2017

    Security is a critical component of our products at Microsoft. A strong emphasis on security is a persistent factor throughout our entire development process. Microsoft is committed to designing and developing secure software. Testing is performed both internally and by working closely with the...
    • News
    • Thread
    • asia authentication azure bounty bug bounty china cloud services cross site scripting high impact india microsoft mitigations nullcon privilege escalation research community security security program vulnerabilities windows 10 workshop
    • Replies: 0
    • Forum: Security Alerts
  3. News

    Introducing support for Content Security Policy Level 2

    We are happy to introduce support for Content Security Policy Level 2 (CSP2) in Microsoft Edge, another step in our ongoing commitment to make Microsoft Edge the safest and most secure browser for our customers. CSP2, when used correctly, is an effective defense-in-depth mechanism against cross...
    • News
    • Thread
    • attack prevention browser compatibility content injection cross site scripting csp configuration csp implementation csp2 directives insider fast ring microsoft edge nonce script management secure browsing security policy upgrade requests user protection w3c web application security web development windows 10
    • Replies: 0
    • Forum: Live RSS Feeds
  4. News

    MS12-007 - Important : Vulnerability in AntiXSS Library Could Allow Information Disclosure (2607664)

    Severity Rating: Important Revision Note: V1.0 (January 10, 2012): Bulletin published. Summary: This security update resolves one privately reported vulnerability in the Microsoft Anti-Cross Site Scripting (AntiXSS) Library. The vulnerability could allow information...
    • News
    • Thread
    • antixss bulletin cross site scripting information disclosure malicious script microsoft sanitization security update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  5. whoosh

    Windows 7 IE 8 XSS filter exposes sites to XSS attacks

    Link Removed The cross-site scripting filter that ships with Microsoft’s Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites and web pages that would otherwise be immune to this threat. According to a Link Removed at this year’s Black Hat...
    • whoosh
    • Thread
    • browser security cross site scripting ie8 security vulnerability
    • Replies: 0
    • Forum: Windows Security
Back
Top