The ongoing Digg versus Netscape spat has apparently escalated into a hacking attack against America Online's Netscape.com social media Web site.
Virus researchers at Finnish security vendor F-Secure discovered the Netscape.com hack during research work around cross-site scripting vulnerabilities on social networking sites and said the attack was obviously the work of Digg fans. In the cross-site scripting attacks, visitors to Netscape.com encountered JavaScript pop-up alerts with comical pro-Digg messages and, in some cases, were redirecting Netscape.com visitors to Digg.
"Attackers (who are obviously fans of Digg) have used the XSS vulnerability to inject their own JavaScript code snippets into pages on the website, including the homepage," said a note posted by F-Secure anti-phishing researcher S.G Masood.
Netscape released a statement this afternoon stating that the vulnerability had been patched and that visitors are once again safe browsing the site.
View: Netscape.com | Digg
Virus researchers at Finnish security vendor F-Secure discovered the Netscape.com hack during research work around cross-site scripting vulnerabilities on social networking sites and said the attack was obviously the work of Digg fans. In the cross-site scripting attacks, visitors to Netscape.com encountered JavaScript pop-up alerts with comical pro-Digg messages and, in some cases, were redirecting Netscape.com visitors to Digg.
"Attackers (who are obviously fans of Digg) have used the XSS vulnerability to inject their own JavaScript code snippets into pages on the website, including the homepage," said a note posted by F-Secure anti-phishing researcher S.G Masood.
Netscape released a statement this afternoon stating that the vulnerability had been patched and that visitors are once again safe browsing the site.
View: Netscape.com | Digg
I am shocked that this has gotten so much support on Digg.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.