back to article XSS flaws poke ridicule at entertainment industry

Cheeky crackers used a cross-site scripting flaw on the web sites of the Motion Picture Association of America (MPAA) to inject listings from controversial torrent links site The Pirate Bay. Vektor, a member of the Team Elite group of hackers, smuggled links culled from the The Pirate Bay into content served up when surfers …


This topic is closed for new posts.
  1. Anonymous Coward

    Bleh XSS

    XSS is everywhere.

    Just two minutes after reading this article i found a XSS on

  2. Rick Giles


    Wot!? Using their full name and not calling them the Recording Industry Ass. of America? Do I detect a softening?

  3. Andrew
    Black Helicopters

    What? Who?

    I barely made it to the end of the article. You had me at "association." Who are you and what have you done with my Reg?

  4. This post has been deleted by its author

  5. John Smith Gold badge
    Thumb Up

    RIAA should have been expecting this.

    But obviously were not. They should be grateful. This was a little prank which demonstrated that in fact all your links do not belong to you any more. It could have been much worse. * They informed media outlets fairly quickly so no slow burning embarrassment as regular viewers get re-directed. No re-direction to phishing site.

    BTW do our Merkin friends pronounce RIAA like rear or diarrhoea?

    Thumbs up for the level of restraint.

    *not that I advocate terrorism.

  6. Nick L

    iWhat ?

    Are iFrames what the iPod browser displays ?

  7. Moss Icely Spaceport
    Thumb Up



  8. Colin Millar


    "...iFrames .... presented to surfers as if they came from the site they are visiting"

    What? The point about iFrames is the content is always from third party sites. There is no way to secure them from hijacking. iFrames is only used by people stuck in the past who can't be arsed to learn the proper way to do things.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021