Peaches Posted July 6, 2010 Report Share Posted July 6, 2010 5 July 2010, 14:00Google fixes cross-site scripting vulnerability in YouTube comments Over the weekend, unknown perpetrators added comments containing HTML code to a number of videos on YouTube. The HTML code was then executed in visitors' browsers. According to several US media reports, videos by young singer Justin Bieber in particular were targeted by the attacks. According to one report, the comments caused pop-ups containing insulting messages to open and also opened additional (adult) web pages. It's not clear whether these web pages also led to malware-infected web sites and infected users' PCs. Some German bloggers also fell victimGerman language link) to the XSS attacks, with unknown perpetrators placing moving text across the screen using the marquee HTML tag. ( Details here: http://www.h-online.com/security/news/item/Google-fixes-cross-site-scripting-vulnerability-in-YouTube-comments-1032988.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.