back to article US National Vulnerability Database contained ... yup, an XSS vuln

The US National Vulnerability Database was itself left vulnerable to cross-site scripting last week. The NVD serves as a definitive source of information on CVE security flaws. The XSS vulnerability meant that a skilled hacker could present surfers with content from arbitrary third-party sites as if it came from the NVD itself …

  1. elDog

    Maybe it's just a big honeypot

    Or maybe the XSS vulnerabilities were implanted by a rogue state...

    1. Afernie

      Re: Maybe it's just a big honeypot

      Or maybe just incompetence. Again.

      1. Graham Marsden
        Facepalm

        Re: Maybe it's just a big honeypot

        See Hanlon's Razor for details...

  2. Ugotta B. Kiddingme

    if this isn't the quintessential definition of "irony"

    then I don't know what is. Perfectly amusing way to end the workday.

    Thanks, Reg. Off to the pub!

  3. Will Godfrey Silver badge
    Unhappy

    You couldn't make it up

    And if you did, everyone would say your plot line was unrealistic.

    1. Anonymous Coward
      Facepalm

      Re: You couldn't make it up

      Its the government, so as much as I genuinely hate to say it, this plot development is not unrealistic at all. :(

  4. CrazyCanuck

    Amazon.com and amazon.ca has an XSS vulnerability also. I reported but amazon has done NOTHING. I have scanned with unmaskparasites.com.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021