Feedly Android App Javascript Injection vulnerability exposes Millions of Users to Hackers


Userlevel 7
Badge +52
When it comes to Android apps, even the simplest app could greatly compromise your privacy and security. Injecting malicious JavaScript into Android applications has drawn an increased attention from the hacking community as its market share spikes. According to security researcher Jeremy S. from Singapore, a critical vulnerability in the Feedly app left millions of android app users vulnerable to the JavaScript infections.  Feedly is a very popular app available for iOS and Android devices, also integrated into hundreds of other third party apps, which offers its users to browse the content of their favourite blogs, magazines, websites and more at one place via RSS feed subscriptions. According to Google Play Store, more than 5 Million users have installed Feedly app into their Android devices. In a blogpost, the researcher reported that Feedly is vulnerable to JavaScript injection attack, which is originally referred as 'cross-site scripting' or XSS vulnerability, allows an attacker to execute any JavaScript code on client-side. JavaScript is a widely used technology within the websites and web based applications, but it is use not only for the good purposes, but for the malicious purposes as well. Full Article

0 replies

Be the first to reply!

Reply