Articles tagged with: #xss
Questions for WAF Specialist?

cybersecurity www.reddit.com

Hello Everyone, I am new to WAF but have worked on Imperva Cloud WAF. I was going through BIGIP (F5) documents, and I have a few questions for all the mates: 1) What is the standard best practice on critical websites? (Website directly on blocking mode or keep it in monitoring mode) 2) If the website is on monitoring mode (I assume it is not going to block anything), then what if DDoS or any other attacks such as SQL, XSS takes place then if there is a possibility of APPLICATION COMPROMISE? submitted by...

XSS leads to RCE in popular OSS project

cybersecurity www.reddit.com

I found the vulnerability and reported it to the vendor twice over the last few weeks. Today I found out that the code has been removed. No ack, no CVE ID. I filed today a CVE request (reserved) is there still chance or it is buried? The vendor ghosted me 100% so far. submitted by /u/Technical_Shelter621

Cisco Desk, IP, and Video Phone Vulnerabilities Let Remote Attackers Trigger DoS And XSS Attacks

Cyber Security News cybersecuritynews.com

Cisco has issued a security advisory warning of multiple vulnerabilities in its Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 models running Cisco Session Initiation Protocol (SIP) Software. Published on October 15, 2025, the advisory details risks that could enable unauthenticated remote attackers to trigger denial-of-service (DoS) conditions or

Open Redirect and XSS in Web Filter warning page

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

Improper Neutralization of Input During Web Page Generation and URL Redirection to Untrusted Site vulnerabilities [CWE-79, CWE-601] in FortiOS, FortiProxy and FortiSASE may allow an unauthenticated attacker to perform a reflected cross-site scripting (XSS) or an open redirect attack via crafted HTTP requests. Revised on 2025-10-14 00:00:00

Heads Up: Scans for ESAFENET CDG V5, (Mon, Oct 13th)

SANS Internet Storm Center, InfoCON: green isc.sans.edu

In January, a possible XSS vulnerability was found in the electronic document security management system ESAFENET CDG. This was the latest (as far as I can tell) in a long list of vulnerabilities in the product. Prior vulnerabilities included SQL injection issues and weaknesses in the encryption used to safeguard documents. In other words: A typical "secure" document management system. The product appears to be targeting the Chinese market, and with a website all in Chinese, I doubt it is used...