Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
China

Submission + - Chinese Facebook App XSS Leak Unfixed (blogspot.com)

An anonymous reader writes: Chinese social networking site Renren.com has long been known as being a cheap clone of the famous Facebook site.Recently, a small hobbist group has found a leak on one of the onsite apps that allow any HTML injection. Scripts injected inside the App could have easy access to users' private cookies and data.
Upon discovery, the exploit has been reported to the App's manager but 48 hours have passed and still no effort to fix the issue from either Renren or the App's manager has been made. It is estimated that at least 1,264,000 users are affected by this exploit.
Just goes to show you what China quality software is and their initiative to fix their problems.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Chinese Facebook App XSS Leak Unfixed

Comments Filter:

When in doubt, mumble; when in trouble, delegate; when in charge, ponder. -- James H. Boren

Working...