#cross-site-scripting-xss

[ follow ]
#sanitizer-api #web-security #firefox-148 #html-sanitization #stealc #malware-as-a-service-maas
Web development
fromMozilla Hacks - the Web developer blog
3 weeks ago

Goodbye innerHTML, Hello setHTML: Stronger XSS Protection in Firefox 148 - Mozilla Hacks - the Web developer blog

Firefox 148 introduces the standardized Sanitizer API, enabling developers to safely remove malicious HTML and JavaScript from user-generated content before inserting it into the DOM.
Information security
fromThe Hacker News
1 month ago

Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations

A cross-site scripting vulnerability in StealC's web control panel allowed extraction of system fingerprints, session monitoring, and cookie theft from the malware's infrastructure.
[ Load more ]