Search This Blog

Powered by Blogger.

Blog Archive

Labels

Non-Persistent XSS Vulnerability found in Skype Website and Patched


The Vulnerability-Lab Team discovered a Non-Persistent cross site scripting (XSS) vulnerability on the Skype main vendor website.he vulnerability allows remote

attackers to hijack skype customer sessions via cross site scripting. Successful exploitation of the client-side vulnerability can result in session hijacking & account steal.

They reported about the vulnerability on Nov 4 ,2011.

Skype patched the Vulnerability on Nov 10, 2011.  Vulnerability-Lab published the information on Nov 11,2011.

Vulnerability Information:
  • Target: Skype Website
  • Type: XSS(Non-Persistent)
  • Alert Level: Low
  • Status: Patched.
  • Discovered By:  Aditya Gupta @ Vulnerability-Lab

Share it:

Vulnerability

Web Application Vulnerability

XSS Vulnerability