The Weather Channel fixes web app flaws

The Weather Channel fixes web app flaws

 

The Weather Channel has fixed a common web application security problem on its website that made nearly all links vulnerable to cross-site scripting attacks.

computer-security

Wang Jing, a doctoral student at the School of Physical and Mathematical Sciences at Nanyang Technological University in Singapore, found more than 75 percent of the Web pages on Weather.com were vulnerable.

“Attackers just need to add script at the end of The Weather Channel’s URLs," Wang wrote. “Then the scripts will be executed."

http://aibiyi.lofter.com/post/1cc9f4e9_418399b

廣告

發表迴響

在下方填入你的資料或按右方圖示以社群網站登入:

WordPress.com Logo

您的留言將使用 WordPress.com 帳號。 登出 / 變更 )

Twitter picture

您的留言將使用 Twitter 帳號。 登出 / 變更 )

Facebook照片

您的留言將使用 Facebook 帳號。 登出 / 變更 )

Google+ photo

您的留言將使用 Google+ 帳號。 登出 / 變更 )

連結到 %s