Web News, Technology, Science, etc
网络技术是从1990年代中期发展起来的新技术,它把互联网上分散的资源融为有机整体,实现资源的全面共享和有机协作,使人们能够透明地使用资源的整体能力并按需获取信息。
美国有线电视新闻网跨站脚本安全漏洞
CNN (cnn.com) Travel-City Related Links XSS (cross site scripting) Security Vulnerabilities
"As of August 2013, CNN is available to approximately 98,496,000 cable, satellite and telco television households (86% of households with at least one television set) in the United States." (Wikipedia)
Based on post published on Full Disclosure, CNN.com was hacked by XSS vulnerability in 2007.
The vulnerability can be exploited without user login. Tests were performed on Firefox (34.0) in Ubuntu (14.04) and IE (9.0.15) in Windows 7.
Reported by:
Wang Jing,School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore.
Detail:
http://securityrelated.blogspot.com/2014/12/cnn-cnncom-travel-xss-and-ads-open.html
评论