Skype Cross Site Vulnerabilities, user accounts can be Hijacked
The Hacker News
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.
UPCOMING WEBINAR
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology

Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.

Join Now

According to a blog post on 1337 Blog, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user's session and even steal his/her account.

Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed here.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.