Kaspersky Site Vulnerable to Cross-site Scripting Assaults

Kaspersky Lab site is now open to XSS (cross-site scripting) attacks together with Iframe injections. This is not good for any company, especially for a company dealing with security.

An XSS attack launches when a web program collects vicious data from an end-user mostly via a hyperlink that carries malicious content inside it. Thus, as the end-user clicks on the hyperlink while on another site, or via any other mode of connection, the attacker compromises his data.

Here is a screenshot of the bug:

Vulnerable link: KasperskyXSS

Source : http://www.reddit.com/r/xss/comments/k0pi3/kasperskycom_xss/

Update : the Vulnerability have been fixed

Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments

Thanks for
sharing such valuable information. Keep posting such great info for us, thanks.