IT 计算机信息网络安全技术

IT 技术
计算机安全
网络网站安全
白帽子漏洞

© IT 计算机信息网络安全技术 | Powered by LOFTER

Web Technology:

美国有线电视新闻网跨站脚本安全漏洞


CNN (cnn.com) Travel-City Related Links XSS (cross site scripting) Security Vulnerabilities



"As of August 2013, CNN is available to approximately 98,496,000 cable, satellite and telco television households (86% of households with at least one television set) in the United States." (Wikipedia)

Based on post published on Full Disclosure, CNN.com was hacked by XSS vulnerability in 2007.

The vulnerability can be exploited without user login. Tests were performed on Firefox (34.0) in Ubuntu (14.04) and IE (9.0.15) in Windows 7.


Reported by:
Wang Jing,School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore.


Detail:
http://securityrelated.blogspot.com/2014/12/cnn-cnncom-travel-xss-and-ads-open.html




 


评论
热度 ( 19 )
  1. 白帽子安全行者路上有風有雨有彩虹 转载了此视频  到 测试想法
  2. 计算机网络技术谷雨 醉心 冬小麦 转载了此视频  到 行者路上有風有雨有彩虹
  3. 计算机网络技术IT 计算机信息网络安全技术 转载了此视频  到 IT 计算机&信息网络 技术
  4. 琐事,日常之事计算机网络技术 转载了此视频  到 IT 计算机信息网络安全技术
  5. 琐事,日常之事白帽子安全 转载了此视频
  6. 白帽子安全计算机网络技术 转载了此视频  到 湛天雲海碧波影
  7. 白帽子安全计算机网络技术 转载了此视频  到 文豆 & 文库
  8. 白帽子安全计算机网络技术 转载了此视频