Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
11 articles

#XSS

All CosmicBytez Labs articles tagged #XSS, across news, security advisories, how-to guides, and projects.

  • NewsMay 18, 2026

    Microsoft Exchange Zero-Day Under Attack, No Patch Available

    A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...

  • SecurityMay 15, 2026

    CVE-2026-44212: PrestaShop Stored XSS in Customer Service

    A stored Cross-Site Scripting vulnerability (CVSS 9.3) in PrestaShop's back-office Customer Service view allows unauthenticated attackers to inject...

  • SecurityMay 12, 2026

    CVE-2025-61311: Reflected XSS in docuForm Managed Print

    A reflected cross-site scripting vulnerability in the dfm-menu_alerts.php component of GmbH Mecury docuForm v11.11c allows attackers to execute arbitrary...

  • SecurityMay 3, 2026

    CVE-2026-5324: WordPress Brizy Page Builder Unauthenticated

    The Brizy Page Builder plugin for WordPress contains a critical unauthenticated Stored Cross-Site Scripting flaw in versions up to 2.8.11, enabling...

  • NewsApr 26, 2026

    Over 10,000 Zimbra Servers Vulnerable to Ongoing XSS Attacks

    CISA has confirmed that a cross-site scripting vulnerability in Zimbra Collaboration Suite is being actively exploited in the wild, with over 10,000...

  • SecurityApr 24, 2026

    Hackage Haskell Repository Stored XSS Enables Credential

    A critical stored XSS vulnerability in hackage-server allows HTML and JavaScript files uploaded via source packages or documentation to execute in...

  • SecurityApr 17, 2026

    CVE-2026-40322: SiYuan XSS via Mermaid innerHTML Injection

    SiYuan knowledge management versions 3.6.3 and below render Mermaid diagrams with loose security, allowing attacker-controlled javascript: URLs to execute...

  • SecurityApr 11, 2026

    CVE-2026-31845: Rukovoditel CRM Reflected XSS in Zadarma

    Rukovoditel CRM versions 3.6.4 and earlier contain a critical reflected XSS vulnerability in the Zadarma telephony API endpoint. The application reflects...

  • SecurityMar 17, 2026

    CVE-2015-20118: Stored XSS in RealtyScript 4.0.2 Admin

    A stored cross-site scripting vulnerability in RealtyScript 4.0.2 allows attackers to inject malicious JavaScript via the location_name parameter in the...

  • SecurityMar 16, 2026

    CVE-2015-20115: RealtyScript 4.0.2 Stored XSS via File

    CVE-2015-20115 is a stored cross-site scripting vulnerability in RealtyScript 4.0.2 that allows authenticated attackers to upload malicious script files...

  • SecurityMar 8, 2026

    ZITADEL Critical XSS in SAML Endpoint Enables 1-Click

    A critical cross-site scripting vulnerability in ZITADEL's login V2 /saml-post endpoint allows unauthenticated attackers to execute arbitrary JavaScript...