Published on June 26th, 2015 📆 | 2963 Views ⚑


Stored XSS Flaw Patched in Thycotic Secret Server

Text to Speech Voices

Thycotic, a maker of access-control and other security products, has patched a stored cross-site scripting vulnerability in one of its products that could enable an attacker to steal a victim’s stored passwords.

The vulnerability is in the company’s Secret Server product, which is designed to provide password management for enterprises. Marco Delai, a researcher at Compass Security in Switzerland, discovered the stored XSS flaw in the software and reported it to the company.