The way the Square API delivers JSON output makes it possible for an attacker to engage in a cross-site scripting (XSS) under certain circumstances. The vulnerability was discovered by security researcher Ajay Chavda and reported to Square on August 7, 2015 through its bounty program on hackerone.
The Burstly Skyrocket API for download tracking of conversions from mobile ads uses as RESTful http interface. More than 300,000 apps use Burstly services to beta test, analyze and monetize their offerings. By spanning the development process from end to end, Burstly's newly structured offerings give developers the choice between choosing among Testflight, Flightpath, and Skyrocket, or using them all.
DriveWealth has announced an expansion of its API portfolio. The latest set of APIs focus on wealth management and assist investment advisors to better serve their clients. The new APIs enable recommendations, automated portfolio balancing, and fully discretionary investor options.