Skype Cross Site Vulnerabilities, user accounts can be Hijacked
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
According to a blog post on 1337 Blog, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user's session and even steal his/her account.
Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed here.