XSS flaw on Wix leaves the door open to worms

XSS flaw on Wix leaves the door open to worms

A cross-site scripting vulnerability on a single website can divert unsuspecting users to malicious sites. When that same vulnerability exists across millions of websites, a worm can hop from site to site and compromise even more users.

Now, a worm can exploit the XSS flaw on website building platform Wix.com on the scale of the infamous MySpace worm, researchers from Contrast Security warned.

“If the MySpace worm is any guide, taking over all the millions of websites hosted at Wix wouldn’t take very long,” Contrast Security researcher Matt Austin said in his disclosure.

To read this article in full or to leave a comment, please click here

Source: Security


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.