The Register: MS bitten by old .NET vulnerability. [Cross-site scripting] leverages JavaScript and makes it possible to place a malicious URL in an e-mail or on a Web site, which if followed will compromise the user’s machine by various means, including exposing shares and/or retrieving data files such as cookies. JavaScript can also be executed on a remote server using malicious URLs.
It seems to me we’ve heard this song before.
§
I am no longer accepting public comments on this post, but you can use this form to contact me privately. (Your message will not be published.)
§
firehose ‧ code ‧ music ‧ planet
© 2001–8 Mark Pilgrim