Non-Persistent XSS Vulnerability found in Skype Website and Patched

The Vulnerability-Lab Team discovered a Non-Persistent cross site scripting (XSS) vulnerability on the Skype main vendor website.he vulnerability allows remote

attackers to hijack skype customer sessions via cross site scripting. Successful exploitation of the client-side vulnerability can result in session hijacking & account steal.

They reported about the vulnerability on Nov 4 ,2011.

Skype patched the Vulnerability on Nov 10, 2011.  Vulnerability-Lab published the information on Nov 11,2011.

Vulnerability Information:

• Target: Skype Website
• Type: XSS(Non-Persistent)
• Alert Level: Low
• Status: Patched.
• Discovered By:  Aditya Gupta @ Vulnerability-Lab