Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms
Two Indian Security Researchers Aditya Gupta (@adi1391) and Subho Halder (@sunnyrockzzs) have found a serious Cross Site Scripting vulnerability in one of the most famous social networking websites Tumblr.
This could be used to steal the cookies of the authenticated user, as well as could be used to make a worm, like the one seen in MySpace (Samy Worm) and Orkut (Bom Sabado) earlier.
"We have also tried to contact them via Twitter and mail earlier, but no response from their side. So we have decided to release it. Well, not exactly, where the vulnerability is, but just to let them know that it is vulnerable."
Tumblr is the one of the most popular social networking websites worldwide, and is ranked 37th by Alexa.
Popular Deals From Our Store
Ethical Hacking Certification Training
Get Professional Ethical Hacking Certifications: CEH, CHFI, CISM, CISA, CISSP Trainings.
96% Off Get this Deal
Computer Hacking Forensic Investigation
Online Hands-on Training with Lifetime Access to Forensic Investigation Certification Classes.
98% Off Get this Deal