Wednesday, April 23, 2008
YES WE CAN - get XSSed
By now you’ve probably already seen that some prankster XSS’ed U.S. presidential candidate Barack Obama’s community blog, redirecting visitors to political rival Hillary Clinton. Fortunately, for whom I’m not quite sure, the hack wasn’t as terribly malicious in nature as it easily could have been. The mind can easily wander about what could have been done: hijack login sessions, usernames and passwords, disrupt donations or organization efforts, and possibly even monetize some of the traffic. Hello SE0Wn3D!!1. You know XSS has hit the mainstream when it reaches this level of visibility.