Jump to content

RIAA Site Features TorrentFreak's Latest News


nsane.forums

Recommended Posts

nsane.forums

A cross-site scripting (XSS) attack is a kind of security vulnerability typically found in web applications which allows code to be injected into web pages. The ‘cross site’ element explains how a malicious website could load another site into a frame, giving the appearance that the data all originates from the target site.

Last year we reported that the RIAA’s website had suffered an XSS attack and just a couple of days ago we revealed how the MPAA site was vulnerable to an XSS attack too, one which left it embarrassingly displaying torrents from The Pirate Bay.

Now it is the RIAA’s turn (again) to suffer the same fate. Vektor, who also discovered the MPAA site exploit, told TorrentFreak that he had managed to find a security hole in RIAA.com too. He demonstrated this by using an iframe - an HTML element which makes it possible to embed an HTML document inside another HTML document - TorrentFreak for example.

RIAA.com featuring TorrentFreak

tf-riaa.jpg

As with the MPAA site exploit, Vektor explains that his work on the RIAA site is a proof of concept and should be taken as a joke.

We’re sure the RIAA and MPAA coders will be laughing heartily as they try to plug these holes.

Post from: TorrentFreak

view.gif View: Original Article

Link to comment
Share on other sites


  • Views 815
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...