Tuesday, January 22, 2008

Skype XSS Vulnerability Only Partially Fixed

A cross-site scripting (XSS) vulnerability uncovered last week by researchers Aviv Raff and Petko Petkov has been partially fixed, according to Computer World.

Basically, Skype disabled video downloads from Dailymotion, a video partnter which was the source of the problem. The root cause remains at large.

Skype acknowledged the issue on its web site but said Dailymotion was fixing the vulnerability on their site.


Post a Comment

<< Home