Dossier
cross-site scripting (XSS) attacks
Coverage of cross-site scripting (XSS) attacks in the Nexus archive.
- Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft has patched a zero-day vulnerability in Exchange Server that allows threat actors to execute arbitrary JavaScript code through cross-site scripting (XSS) attacks targeting Outlook Web Access users. The vulnerability is actively exploited, prompting the release of a security update.