Cross-Site Scripting

Cross-site scripting (XSS) is a web application vulnerability that enables execution of attacker-controlled scripts in users’ browsers, risking account compromise and data exposure. It matters in enterprise contexts because it targets authenticated sessions in critical business applications and portals.

Related Perspectives

Kiwire Captive Portal faces three vulnerabilities

October 10, 2025

Kiwire Captive Portal vulnerabilities, identified as CVE-2025-11188, 11189, and 11190, necessitate user action to mitigate risks.

Daily Intelligence Brief: Quantum Computing, Ericsson, Supermicro, Schneider Electric, GSMA Developments - September 23, 2025

September 23, 2025

Quantum Computing Inc. announced a $500 million stock offering to enhance its commercialization efforts and support growth.

Weekly Intelligence Brief on Security Alerts and Vulnerabilities - Week of September 22, 2025

September 23, 2025

CISA issues advisories on multiple ICS vulnerabilities, recommending prompt mitigations.

VU#780141: Cross-site scripting vulnerability in Lectora course navigation

September 22, 2025

A patch for the Lectora XSS vulnerability was released in version 21.4, but users must republish courses to implement it.

Weekly Intelligence Brief on SASE and Cybersecurity Developments - Week of September 22, 2025

September 22, 2025

SASE revenue reaches $2.7 billion in Q2 2025, marking a 22% increase driven by integrated technologies.

Schneider Electric reports vulnerability in Altivar products

September 16, 2025

A cross-site scripting issue in Schneider Electric's hardware may allow unauthorized data access, affecting several product versions.