Follow Slashdot stories on Twitter


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - Chinese Facebook App XSS Leak Unfixed (

An anonymous reader writes: Chinese social networking site has long been known as being a cheap clone of the famous Facebook site.Recently, a small hobbist group has found a leak on one of the onsite apps that allow any HTML injection. Scripts injected inside the App could have easy access to users' private cookies and data.
Upon discovery, the exploit has been reported to the App's manager but 48 hours have passed and still no effort to fix the issue from either Renren or the App's manager has been made. It is estimated that at least 1,264,000 users are affected by this exploit.
Just goes to show you what China quality software is and their initiative to fix their problems.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Chinese Facebook App XSS Leak Unfixed

Comments Filter:

Intel CPUs are not defective, they just act that way. -- Henry Spencer