Skype has promised to fix a cross-site scripting flaw that exposes Windows users of VoIP technology to potential attack. The flaw was discovered by independent security researcher Levent Kayan, who warned that a hacker might be able to enter a string of JavaScript code into the "mobile phone" field. This would enable a hacker …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 20th July 2011 00:04 GMT Steen Hive

Good Grief

Did I pick this up right? Why in Jesus Hairy Christ's name is a textfield on a CLIENT app even capable of taking JavaScript input?

1 0

This topic is closed for new posts.

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

User topics

Article topics

Skype: XSS vuln fix is on the way

COMMENTS

Good Grief

Other stories you might like

Hacking contest kerfuffle over copied rules pits Wiz against ZDI

Leak suggests US government is fibbing over FEMA security failings

Google declares AI bug hunting season open, sets a $30K max reward

Dutch teen duo arrested over alleged 'Wi-Fi sniffing' for Russia

Android 'Pixnapping' attack can capture app data like 2FA codes

Google DeepMind minds the patch with AI flaw-fixing scheme

Feds cut funding to program that shared cyber threat info with local governments

Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales

Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried

Pentagon decrees warfighters don't need 'frequent' cybersecurity training

Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal

Zero-day in file-sharing software leads to RCE, and attacks are ongoing

About Us

Our Websites

Your Privacy