Cloud Security

Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms

Jun 10, 2012Mohit Kumar

Serious Tumblr Cross Site Scripting Vulnerability can be used to Spread Worms

The Hacker News

Two Indian Security Researchers Aditya Gupta (@adi1391) and Subho Halder (@sunnyrockzzs) have found a serious Cross Site Scripting vulnerability in one of the most famous social networking websites Tumblr.

This could be used to steal the cookies of the authenticated user, as well as could be used to make a worm, like the one seen in MySpace (Samy Worm) and Orkut (Bom Sabado) earlier.

"We have also tried to contact them via Twitter and mail earlier, but no response from their side. So we have decided to release it. Well, not exactly, where the vulnerability is, but just to let them know that it is vulnerable."

Tumblr is the one of the most popular social networking websites worldwide, and is ranked 37th by Alexa.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

bug tracker, bug tracking system, GENERAL NEWS, Hacker News, Indian Hackers, Malware, News, Security News, Vulnerability, vulnerability assessment, vulnerability scan, vulnerability scanner

⚡ Download Your Copy Now!

How to Update and Automate Outdated Security Processes

Download the eBook for step-by-step guidance on how to update your security processes as your business grows.

Cybersecurity Webinars

Real Threats, Real Solutions

Learn Techniques to Secure Software Supply Chain

Boost your resilience against evolving cyber threats with proactive threat hunting tips from leading industry experts.

Save Your Business from Shutdown

Learn Advanced DDoS Prevention Tactics

Explore the latest in DDoS attack tactics and how to shield your business from advanced DDoS threats at our live webinar.

Breaking News

Cybersecurity Resources

Report: When to Use Tines Vs Python for Security Automation

Security researcher Conor Dunne compares automating with code Vs the Tines workflow builder.

Learn How to Improve Device Security with Partitioning

This free ebook leads you through partitioning MCU software, then imposing limits on what hackers can do from inside partitions.

Rising Challenges in Cyber Insurance: What Companies Must Know

A comprehensive survey sheds light on the critical aspects of cyber insurance, revealing more than just a 'check-the-box' necessity for organizations.

Cybersecurity with Georgetown

Want To Excel as a Cybersecurity Professional?

Develop cybersecurity strategies that increase security with Georgetown.