API Security Testing for Dummies [Free eBook]
Skype Cross Site Vulnerabilities, user accounts can be Hijacked
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.
According to a blog post on 1337 Blog, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user’s session and even steal his/her account.
Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed here.
➤ Read Latest Stories
Check Out These Free Cybersecurity Resources
Securely Integrate Open Source Into Your Software Supply Chain
Earn a Master's in Cybersecurity Risk Management
Exclusive Cybersecurity Deals
🔥 Learn Professional Hacking
10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.
➤ Access Online Training Courses
🔥 Cybersecurity Certification Training
Get 1-year access to 108 hours of instruction on globally-recognized CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.
➤ Access Online Training Courses
📰 News Stories from 24 Feb, 2012