Threat Post

Valve Patches Trivial XSS Bug in Steam

A cross-site scripting vulnerability on the Steam gaming platform has been patched. The flaw could be exploited by simply viewing a crafted profile. Valve Corp., has patched a cross-site scripting ...
Bleeping Computer

High-severity GitLab flaw lets attackers take over accounts

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. The security flaw (tracked as CVE-2024-4835) ...