Skype Cross Site Vulnerabilities, user accounts can be Hijacked
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.

According to a blog post on 1337 Blog, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user's session and even steal his/her account.

Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed here.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.