Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
China

Submission + - Chinese Facebook App XSS Leak Unfixed (blogspot.com)

An anonymous reader writes: Chinese social networking site Renren.com has long been known as being a cheap clone of the famous Facebook site.Recently, a small hobbist group has found a leak on one of the onsite apps that allow any HTML injection. Scripts injected inside the App could have easy access to users' private cookies and data.
Upon discovery, the exploit has been reported to the App's manager but 48 hours have passed and still no effort to fix the issue from either Renren or the App's manager has been made. It is estimated that at least 1,264,000 users are affected by this exploit.
Just goes to show you what China quality software is and their initiative to fix their problems.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Chinese Facebook App XSS Leak Unfixed

Comments Filter:

"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- Alfred North Whitehead

Working...