Threat Stream, SaaS-based cyber threat intelligence platform, offers its real-time stream of actionable intelligence to developers through the Threat Stream API. Threat Stream's big data security driven analytics creates an actionable, context rich stream of intelligence that meets the needs of government and enterprise security operations. Machine learning and sophisticated algorithms reduce false-positives and give users world class security capabilities.
The way the Square API delivers JSON output makes it possible for an attacker to engage in a cross-site scripting (XSS) under certain circumstances. The vulnerability was discovered by security researcher Ajay Chavda and reported to Square on August 7, 2015 through its bounty program on hackerone.