Skype Cross Site Vulnerabilities, user accounts can be Hijacked
The independent security researcher Ucha Gobejishvili has detected a cross site scripting (XSS) vulnerabilities affecting shop.skype.com and api.skype.com.

According to a blog post on 1337 Blog, the XSS flaw discovered on these sites could allow an attacker to hijack cookies if he manages to convince the potential victim to click on a specially designed link. If exploited successfully, a hacker could hijack the user’s session and even steal his/her account.

Skype has been informed of the vulnerabilities and is currently investigating. Other XSS discovered by him are listed here.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.