Recently Electronic Arts Games company web server has been compromised by hackers, they are placed form for asks users to enter their Apple IDs the credentials needed to access services like Apple's iTunes.Today German researcher Maurice Woitzyk found the new Cross site scripting(XSS) vulnerability on EA sports subdomain(help.ea.com) website.
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users.
A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.
I have informed this vulnerability to Electronic Arts sports, let wait for their response.
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
No comments:
Post a Comment