cybernews

Flaw at major enterprise chatbot maker leads to cookie theft

Researchers tricked the chatbot into generating malicious HTML and JavaScript code, enabling Cross-Site Scripting (XSS) attacks. The flaw affected Yellow.ai's customer service chatbot, though it's ...
IEEE

Detection of XSS Attacks with One Class SVM Using TF-IDF and Devising a Vectorized Vocabulary

Abstract: Cross Site Scripting (XSS) attacks are one of the most serious security risks on web applications, in which attackers force victims to execute malicious scripts on a browser. By applying ...
GitHub

CVE-2024-42009 - Roundcube - Reflected XSS

Roundcube versions up to 1.5.7 and 1.6.x up to 1.6.7 contain a reflected cross-site scripting caused by desanitization in message_body() in show.php, letting remote attackers steal and send victim ...