Security researcher Mr.brahm is found the XSS(cross site scripting) Vulnerability in Worlds top Universities Harvard University, Stanford University, Rice University, University OF Michigan Websites. they used other exploits to upload any file.
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.
Cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007.
Mr.Brahm is the member on TEAM ICR(Indian Cyber Rakshak) and he is already informed this vulnerability to universities.
Below is the reference images:
.PNG)
I have sent email to researcher fo getting full information, Once I get the information I will update this.
Update 22-Jan-2014, we got response from Researcher and they said this vulnerability in not only above mentioned universities many prestigious universities websites found with this vulnerability.
With this vulnerability hackers can able to theft the Data from website and user credentials also affected.
This the listed universities according to screenshots:
buffalo
berkeley
rice
luthercollege
arizona
umich
usna
marshall
northwestern
rutgers
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.
Cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 84% of all security vulnerabilities documented by Symantec as of 2007.
Mr.Brahm is the member on TEAM ICR(Indian Cyber Rakshak) and he is already informed this vulnerability to universities.
Below is the reference images:
I have sent email to researcher fo getting full information, Once I get the information I will update this.
Update 22-Jan-2014, we got response from Researcher and they said this vulnerability in not only above mentioned universities many prestigious universities websites found with this vulnerability.
With this vulnerability hackers can able to theft the Data from website and user credentials also affected.
This the listed universities according to screenshots:
buffalo
berkeley
rice
luthercollege
arizona
umich
usna
marshall
northwestern
rutgers
No comments:
Post a Comment