Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Hackers Exploit HTTP/2 Flaw to Launch Arbitrary Cross-Site Scripting Attacks
Malware and Vulnerabilities
May 27, 2025
gbhackers
Researchers have uncovered critical vulnerabilities in HTTP/2 server push and Signed HTTP Exchange (SXG) that allow attackers to bypass the Same-Origin Policy (SOP). These flaws enable off-path attacks.
Read More
HTTP/2
Signed HTTP Exchange
Same Origin Policy
CrossPUSH
CrossSXG
Publisher
Previous
Critical GitHub MCP Server Vulnerability Allows Unautho ...
Malware and Vulnerabilities
Next
SilverRAT Remote Access Trojan Source Code Leaked on Gi ...
Malware and Vulnerabilities