Vulnerabilities in Skype

Aviv has already done most of the work but I would like to add a few more notes on the recently reported Skype Cross-site Scripting issue. In general, the issue is pretty much underestimated. The vulnerability is not of a type Cross-site Scripting bug, but mostly a Cross-site Scripting bug on DailyMotion, which results into a Cross-zone Scripting issue within Skype due to the unlocked IE controller Skype makes use of. [...]

more | comments | comments rss | posted by