Description:
In this video, Leonardo Armando Iarrusso shows a real XSS and Session Hijacking attack on
The Register website. The attack demonstration is carried out in a responsible way by creating a new user account which is shown for hijacking purposes. It's a shame to see such a popular site being coded in such an insecure way! Thumbs up to Leonardo for finding this vulnerability and posting it to SecurityTube.
It is important to note that Leonardo has informed about this vulnerability to The Register who seem to have promptly fixed it. Read his blog post
here.
Tags: fun ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: