cancel
Showing results for 
Search instead for 
Did you mean: 

XSS flaw in popular video-sharing site allowed DDoS attack through browsers

Highlighted
Sr. Community Expert Advisor

XSS flaw in popular video-sharing site allowed DDoS attack through browsers

Attackers exploited the vulnerability to hijack 22,000 browsers and launch a large-scale DDoS attack, researchers from Incapsula said.

 

Attackers exploited a vulnerability in a popular video-sharing site to hijack users' browsers for use in a large-scale distributed denial-of-service attack, according to researchers from Web security firm Incapsula.

The attack happened Wednesday and was the result of a persistent cross-site scripting (XSS) vulnerability in a website that Incapsula declined to name, but said is among the top 50 websites in the world by traffic based on statistics from Amazon-owned firm Alexa.

XSS flaws are the result of improper filtering of user input and can allow attackers to inject unauthorized script code into Web pages. If the code is stored permanently by the server and delivered to all users who view the affected page, the attack is considered persistent.

 

Full Article


Sr. Community Expert Advisor


 


2016-07-18_12-11-32.png Microsoft® Windows Insider MVP - Windows Security

Message 1 of 1