#stored-xss

[ follow ]
#fortinet #ivanti #saml-signature-verification #cve-2025 #zimbra #cve-2025-27915 #ics-malware #brazilian-military
Information security
fromThe Hacker News
3 days ago

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Critical authentication-bypass and code-execution vulnerabilities fixed in Fortinet, Ivanti, and SAP products, including Fortinet SAML signature verification and Ivanti Endpoint Manager stored XSS.
Information security
fromThe Hacker News
2 months ago

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

A stored XSS in Zimbra Classic Web Client (CVE-2025-27915) enabled arbitrary JavaScript execution, leading to data theft and email redirection from targeted accounts.
[ Load more ]