|26 Feb 2012||#1|
XSS Flaw discovered in Skype’s Shop, user accounts targeted
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.
Upon successful exploitation the vulnerability allows an attacker to hijack cookies via required user interaction, leading to complete session hijacking and stealing of the account.
Skype has been informed of the vulnerabilities and is currently investigating.
|My System Specs|
|Similar help and support threads for2: XSS Flaw discovered in Skype’s Shop, user accounts targeted|
|Recently patched Java flaw already targeted in mass attacks||Security News|
|miniFlame discovered, designed for targeted cyber espionage||Security News|
|Microsoft to repair IE flaw discovered at hacking contest||Security News|
|New targeted Mac OS X Trojan requires no user interaction||Security News|
|Major Flaw in Wi-Fi Protected Access Discovered||Security News|
|Skype for Android Security Flaw: What You Need to Know||Security News|
|Newly discovered Windows kernel flaw bypasses UAC||Security News|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:33 AM.