reflected XSS

Pierluigi Paganini October 03, 2022
Reflected XSS bugs in Canon Medical ’s Vitrea View could expose patient info

Trustwave researchers discovered two XSS flaws in Canon Medical ’s Vitrea View tool that could expose patient information. During a penetration test, Trustwave Spiderlabs’ researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively as CVE-2022-37461, in third-party software for Canon Medical’s Vitrea View. The Vitrea View tool allows viewing and securely share medical images through […]

Pierluigi Paganini March 30, 2021
Reflected XSS Vulnerability In “Ivory Search” WP Plugin Impact Over 60K sites

Researchers discovered a reflected XSS vulnerability in the Ivory Search WordPress Plugin installed on over 60,000 sites. On March 28, 2021, Astra Security Threat Intelligence Team responsibly disclosed a vulnerability in Ivory Search, a WordPress Search Plugin installed on over 60,000 sites. This security vulnerability could be exploited by an attacker to perform malicious actions […]

Pierluigi Paganini July 10, 2020
KingComposer fixes a reflected XSS impacting 100,000 WordPress sites

An XSS vulnerability in the KingComposer page builder for WordPress impacts 100,000 websites using the WordPress plugin.  Researchers at Wordfence Threat Intelligence team discovered a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2020-15299, in the KingComposer WordPress plugin that potentially impacts 100,000 websites.  KingComposer a fast drag-and-drop page builder for WordPress websites, which comes complete with top-notch features embedded and […]