Today German researcher Maurice Woitzyk found the new Cross site scripting(XSS) vulnerability on ICQ website chat session(www.icq.com).Yesterday same researcher discovered the Cross site scripting(XSS) vulnerability on EA sports subdomain(help.ea.com) website.
ICQ LLC is an instant messaging computer program that was first developed and popularized by the Israeli company Mirabilis, which was acquired by America Online (AOL), and since April 2010 owned by Mail.Ru Group.
They are logged in to ICQ website with their credentials, after that friends list will be loaded on the page. they are entered HTML Code (XSS Vulnerability (Reflected)) into the user search box.
This Vulnerability is in all On-Site Chats around the world.
Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter
No comments:
Post a Comment