YISTA

Reddit.com XSS Exploit

May 27th, 2007 by Marston

We’re not sure if this is directly related to the Ajax exploit we posted about, but it is interesting to see the point proven that security shouldn’t be forgotten in the name of “Web 2.0”.

Apparently it was as simple as them not validating any input on their posts/comments :-( as reported here. This is similar to the technique used back when MySpace suffered a similar fate (Samy will always be my hero).

It also seems the creators knew about this months ago but decided it wasn’t a priority, bummer.

Here is the actual post on reddit where users figured it out. There haven’t been any malicious hack attempts as of yet, but if they don’t fix it soon you can bet there will be.
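
As an added example (not from the original post and not Reddit's code), here is a Python sketch of the failure mode described above, comment text pasted into the page unescaped, next to a renderer that escapes all input and re-admits only links with an allow-listed scheme. The function names and the `[text](url)` link syntax are assumptions made for the illustration.

```python
import html
import re
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
# Hypothetical mini-syntax for user links: [text](url)
LINK_RE = re.compile(r"\[([^\]\n]+)\]\(([^)\s]+)\)")

def render_comment_unsafe(body: str) -> str:
    """The unvalidated case: user text goes into the page as-is."""
    return '<div class="comment">' + body + "</div>"

def is_safe_url(url: str) -> bool:
    """Accept only absolute http(s) URLs with no control characters."""
    if re.search(r"[\x00-\x20\x7f]", url):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)

def render_comment(body: str) -> str:
    """Escape everything, then emit markup only for allow-listed links."""
    out, pos = [], 0
    for m in LINK_RE.finditer(body):
        out.append(html.escape(body[pos:m.start()], quote=True))
        text, url = m.group(1), m.group(2)
        if is_safe_url(url):
            # Escaping the URL as well keeps quotes from closing the attribute.
            out.append('<a rel="nofollow noopener" href="%s">%s</a>'
                       % (html.escape(url, quote=True),
                          html.escape(text, quote=True)))
        else:
            # Rejected links are shown as inert, escaped text.
            out.append(html.escape(m.group(0), quote=True))
        pos = m.end()
    out.append(html.escape(body[pos:], quote=True))
    return '<div class="comment">' + "".join(out) + "</div>"

if __name__ == "__main__":
    # Constructed sample comments, not taken from the incident.
    for sample in ("<script>alert(1)</script>",
                   "see [docs](https://example.com/?a=1&b=2)",
                   "[x](javascript:alert(1))"):
        print(render_comment(sample))
```
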

Filed under: Hacks, Security, Social Networking

One Response to “Reddit.com XSS Exploit”

  1. Anon
    May 30th, 2007 - 1:09 pm

    It's odd how people always use the word “hacked” even though it was only a vulnerability discovery.

    I.E. This Digg article
    http://digg.com/tech_news/reddit_has_been_hacked
