Login
CSP2XSS: Vulnerability in Next.js App Router
(aisafe.io) by adragos_ | view | 0 comments
Perplexity Comet UXSS
(hacktron.ai) by Mohansrk | view | 0 comments
Esbuild XSS Bug That Survived 5B Downloads and Bypassed HTML Sanitization
(depthfirst.com) by ponderwonder | view | 0 comments
Unpatched Firefox focus universal XSS 0day poc released
(twitter.com) by notRobot | view | 0 comments
Universal XSS in Firefox Focus for iOS
(github.com) by ledoge | view | 0 comments
Re: Cache: 0-click SXSS on Next.js via reflected headers
(zhero-web-sec.github.io) by logickkk1 | view | 0 comments
Rooting Home Assistant through MeshCore: XSS attacks with a LoRa node name
(mxsasha.eu) by WhyNotHugo | view | 0 comments
XSS Is Deadly for Passkeys: The Hidden Risk of Attestation None
(scotthelme.co.uk) by moebrowne | view | 0 comments
Little Snitch for Linux 1.0.7: Fixed XSS in JavaScript
(github.com) by petecooper | view | 0 comments
Making Self-XSS Great Again: Unauthorized Access Request Approvals in Cloudflare
(kazama.in) by matured_kazama | view | 0 comments
Root from the parking lot: OpenWRT XSS through SSID scanning (CVE-2026-32721)
(mxsasha.eu) by birdculture | view | 0 comments
MXSS: Mutation cross-site scripting explained
(sonarsource.github.io) by fanf2 | view | 0 comments
Show HN: Laravel middleware that logs attacks-injection, XSS, bots, never blocks
(github.com) by jay123anta | view | 0 comments
Ask HN: I found a XSS exploit on a big platform provider they don't seem to care
by rbbydotdev | view | 0 comments
Goodbye InnerHTML, Hello SetHTML: Stronger XSS Protection in Firefox 148
(hacks.mozilla.org) by todsacerdoti | view | 0 comments
XSS –> RCE in Screeps, a programming game on Steam
(outsidetheasylum.blog) by Tiberium | view | 0 comments
XSS in Meta API Gateway Leads to Zero-Click Account Takeover [$300k Bounty]
(ysamm.com) by cofdof | view | 0 comments
XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover
(ysamm.com) by phwd | view | 0 comments
React Router has XSS Vulnerability · CVE-2025-59057
(github.com) by maxloh | view | 0 comments
DOMPurify, DOM-only, fast, Uber-tolerant XSS sanitizer for HTML, SVG and MathML
(cure53.de) by handfuloflight | view | 0 comments
When You Get Your MCP Wrong: Second-Order XSS to Cloudflare Access Takeover
(kazama.in) by matured_kazama | view | 0 comments