YISTA

Reddit.com XSS Exploit

May 27th, 2007 by Marston

We’re not sure if this is directly related to the Ajax exploit we posted about, but it is interesting to see the point proven that security shouldn’t be forgotten in the name of “Web 2.0”.

Apparently it was as simple as them not validating any input on their posts/comments :-( as reported here. This is similar to the technique used back when MySpace incurred a similar fate (Samy will always be my hero).

It also seems the creators knew about this months ago but decided it wasn’t a priority, bummer.

Here is the actual post on reddit where users figured it out. There haven’t been any malicious hack attempts as of yet, but if they don’t fix it soon you can bet there will be.

Filed under: Hacks, Security, Social Networking

One Response to “Reddit.com XSS Exploit”

  1. Anon
    May 30th, 2007 - 1:09 pm

    It’s odd how people always use the word “hacked” even though it was only a vulnerability discovery.

    I.E. This Digg article
    http://digg.com/tech_news/reddit_has_been_hacked
