About.com has a huge security problem, but it's likely worse for the over 98 million monthly visitors to the About Group's various topic-specific subdomains.
A security researcher disclosed Monday that "at least 99.88%" of all topic links and all domains related to About.com are vulnerable to open XSS (Cross Site Scripting) and Iframe Injection (Cross Frame Scripting, XFS) attacks.
According to the researcher's findings and proof-of-concept results, all subdomains of About.com are affected.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=iFrame-Injection
- http://www.scoop.it/t/securite-pc-et-internet/?tag=XSS
About.com has a huge security problem, but it's likely worse for the over 98 million monthly visitors to the About Group's various topic-specific subdomains.
A security researcher disclosed Monday that "at least 99.88%" of all topic links and all domains related to About.com are vulnerable to open XSS (Cross Site Scripting) and Iframe Injection (Cross Frame Scripting, XFS) attacks.
According to the researcher's findings and proof-of-concept results, all subdomains of About.com are affected.