Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - Digg.com Accounts Compromised

An anonymous reader writes: There is a cross-site scripting vulnerbility on the registration page of popular social networking site Digg.com. The hole allows cookies and sessions of logged-in users to be hijacked, compromising the account. The exploit can be triggered simply by a user clicking a maliciously-crafted link. A full explanation and sample exploit code is available here

In seeking the unattainable, simplicity only gets in the way. -- Epigrams in Programming, ACM SIGPLAN Sept. 1982

Working...