Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

Upcoming Events:

OWASP Chapter Vienna Meetup x SBA Security Meetup

28.01.2026

Kubernetes Attack and Defense Wizardry with Stormcenter

03.03.2026 - 06.03.2026

OWASP Chapter Vienna Meetup x SBA Security Meetup

31.03.2026

SBA places 15th out of +900 at Hack.lu 2019

October 29, 2019

Andreas Boll and Tobias Fink (WE_OWN_YOU) secured the third place (local) and 15th place (overall) at the hack.lu.CTF. Many thanks to the CTF team and most importantly the CTF LVA students from TU Wien. Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology… Read More

Tomasz Miksa chaired the DMP Common Standards WG session at the 14th RDA Plenary in Helsinki

October 29, 2019

Research Data Alliance 14th Plenary in Finland brings together data experts in research, industry and policy-making from all around the world and from all disciplines under the theme Data Makes the Difference. Tomasz Miksa chaired a session of the DMP Common Standards working group. He… Read More

Stefan Jakoubi introduces strategies for technical and organisational protection of trade secrets

October 24, 2019

Stefan Jakoubi gives a talk at the annual IT-LAW.AT symposium on November 28, 2019. This year´s event will circle around trade secrets vs. transparency, security, espionage and GDPR. Read more

SBA Security Advisory – WordPress Plugin – All in One SEO Pack – Stored XSS (CVE-2019-16520)

October 23, 2019

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement. We recommend to update the all-in-one-seo-pack plugin to version 3.2.7 or later. For further details, see the full security advisory. Read More

SBA Security Advisory – WordPress Plugin – Broken Link Checker – Reflected XSS (CVE-2019-16521)

October 23, 2019

The broken-link-checker plugin through 1.11.8 for WordPress (aka Broken Link Checker) is susceptible to Reflected XSS due to improper encoding and insertion of an HTTP GET parameter into HTML. The filter function on the page listing all detected broken links can be exploited by providing an XSS payload in the s_filter GET parameter in a filter_id=search request. NOTE: this is an end-of-life product. Read More

SBA Security Advisory – WordPress Plugin – EU Cookie Law (GDPR) – Stored XSS (CVE-2019-16522)

October 23, 2019

The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie Law (GDPR)) is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displayed cookie consent message. This affects Font Color, Background Color, and the Disable Cookie text. An attacker with high privileges can attack other users. Read More

SBA Security Advisory – WordPress Plugin – Events Manager – Stored XSS (CVE-2019-16523)

October 23, 2019

The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcodes (locations_map and events_map) provided by the plugin. Read More

Edgar Weippl speaks about Security in Distributed Systems

October 18, 2019

Edgar Weippl gave a presentation on Security in Distributed Systems at the technology workshop for the financial industry “Empowered Edge für Banken und Versicherungen”. Read more

SBA Research is the first Austrian company in the CONCORDIA Course landscape!

October 15, 2019

Let’s work together to improve cyber security in the European Union! Concordia partners, both from industry and academia, put together their offer for courses aimed at developing cybersecurity skills. “Towards a European Education Ecosystem for Cybersecurity” Concordia at a glance. Read More

Matthias Eckhart speaks about ICS Security at the Austrian Disaster Research Days 2019

October 14, 2019

Matthias Eckhart gives a talk at the Austrian Disaster Research Days 2019 about the state of industrial control systems (ICS) security. Read more

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

SBA places 15th out of +900 at Hack.lu 2019

Tomasz Miksa chaired the DMP Common Standards WG session at the 14th RDA Plenary in Helsinki

Stefan Jakoubi introduces strategies for technical and organisational protection of trade secrets

SBA Security Advisory – WordPress Plugin – All in One SEO Pack – Stored XSS (CVE-2019-16520)

SBA Security Advisory – WordPress Plugin – Broken Link Checker – Reflected XSS (CVE-2019-16521)

SBA Security Advisory – WordPress Plugin – EU Cookie Law (GDPR) – Stored XSS (CVE-2019-16522)

SBA Security Advisory – WordPress Plugin – Events Manager – Stored XSS (CVE-2019-16523)

Edgar Weippl speaks about Security in Distributed Systems

SBA Research is the first Austrian company in the CONCORDIA Course landscape!

Matthias Eckhart speaks about ICS Security at the Austrian Disaster Research Days 2019

Upcoming events @ SBA

SBA Research at a glance

Highlights of the past years:

Privacy settings

SBA Research is a research center for Information Security funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Recent News:

Highlights of the past years:

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.