Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms - The Hacker News
Loading
Sign up for Quick Updates

Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms

Posted by: Mohit Kumar onSaturday, June 09, 2012
Follow Us

Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms
Two Indian Security Researchers Aditya Gupta (@adi1391) and Subho Halder (@sunnyrockzzs) have found a serious Cross Site Scripting vulnerability in one of the most famous social networking websites Tumblr.

This could be used to steal the cookies of the authenticated user, as well as could be used to make a worm, like the one seen in MySpace (Samy Worm) and Orkut (Bom Sabado) earlier.

"We have also tried to contact them via Twitter and mail earlier, but no response from their side. So we have decided to release it. Well, not exactly, where the vulnerability is, but just to let them know that it is vulnerable."

Tumblr is the one of the most popular social networking websites worldwide, and is ranked 37th by Alexa.
Posted in Categories: , , , , , , , , , , ,

Author Info

photo of Mohit Kumar

aka 'Unix Root' is Founder and Editor-in-chief of 'The Hacker News'. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | | | Facebook Profile