Facebook Hacking | Hacking Tools | Facebook Hacking Tool | Twitter Hacking | Crash Website | Hack Gmail Account
Home / XSS / New Account hijacking vulnerability found in Skype

New Account hijacking vulnerability found in Skype

Posted by Deepanker Verma Saturday, July 30, 2011 0 comments

New Account hijacking vulnerability found in Skype


A critical Cross site scripting (XSS) has been found in Skype which leads to account hijacking. This vulnerability is found in the versions which have facebook integration. This integration alllows users to  see the facebook activity and post status updates. 
security researcher David Vieira-Kurz discovered that the status comment field does not properly sanitize input and executes JavaScript code. Any attacker can exploit this vulnerability to post a comment that executes rogue code which steals a visitor's Skype session cookie when they view it in the browser.
But the attacker should in friend list, this is the limitation of this attack
Categories: ,

If You Like This Post, Share it With Your Friends


Subscribe us to receive free updates in your inbox:


0 comments:

Post a Comment

Featured FREE Resource:
X




Security Tools

Loading...
Share
Get This

About Me

My Photo
Deepanker Verma
I am Deepanker Verma. A computer geek, Security researcher blogger and software developer. I have deep interest and Information security and web development and try to learn new things. you will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.

You can add me to circles to get my daily tips :)

View my complete profile

Partners

Blog Archive

Copyright © Hacking Tricks. All rights reserved. Blogger template designed by BLog Bamz