User topics

Article topics

Log in Sign up

Skype: XSS vuln fix is on the way

Skype has promised to fix a cross-site scripting flaw that exposes Windows users of VoIP technology to potential attack. The flaw was discovered by independent security researcher Levent Kayan, who warned that a hacker might be able to enter a string of JavaScript code into the "mobile phone" field. This would enable a hacker …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 20th July 2011 00:04 GMT Steen Hive

Good Grief

Did I pick this up right? Why in Jesus Hairy Christ's name is a textfield on a CLIENT app even capable of taking JavaScript input?

1 0

This topic is closed for new posts.

Other stories you might like

Uncle Sam kills funding for CVE program. Yes, that CVE program

Updated Because vulnerability management has nothing to do with national security, right?

CSO 16 Apr 2025 | 179

CVE fallout: The splintering of the standard vulnerability tracking system has begun

Comment MITRE, EUVD, GCVE … WTF?

Spotlight on RSAC 18 Apr 2025 | 88

Google's got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft's $20B+ security biz

Cloud Next How Chocolate Factory hopes to double down on enterprise-sec

CSO 9 Apr 2025 | 7

CVE program gets last-minute funding from CISA – and maybe a new home

Uncertainty is the new certainty

CSO 16 Apr 2025 | 32

America's cyber defenses are being dismantled from the inside

Opinion The CVE system nearly dying shows that someone has lost the plot

CSO 23 Apr 2025 | 91

Bad luck, Windows 10 users. No fix yet for ransomware-exploited bug

Patch Tuesday A novel way to encourage upgrades? Microsoft would never stoop so low

Patches 8 Apr 2025 | 14

We’re calling it now: Agentic AI will win RSAC buzzword Bingo

RSAC All aboard the hype train

Spotlight on RSAC 23 Apr 2025 | 7

Ex-NSA chief warns AI devs: Don’t repeat infosec’s early-day screwups

Bake in security now or pay later, says Mike Rogers

AI Software Development Week 23 Apr 2025 | 6

Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps

10 other certificates 'were mis-issued and have now been revoked'

CSO 22 Apr 2025 | 13

Today's LLMs craft exploits from patches at lightning speed

Erlang? Er, man, no problem. ChatGPT, Claude to go from flaw disclosure to actual attack code in hours

AI Software Development Week 21 Apr 2025 | 19

Krebs throws himself on the grenade, resigns from SentinelOne after Trump revokes clearances

Illegitimi non carborundum? Nice password, Mr Ex-CISA

Spotlight on RSAC 17 Apr 2025 | 68

Don't open that JPEG in WhatsApp for Windows. It might be an .EXE

What a MIME field

Patches 8 Apr 2025 | 29

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2025