前途漫漫
道路未定
與其隨波逐流
不如孤獨前行
說不定是風雨還是彩虹
美国有线电视新闻网公开跳转漏洞
CNN cnn.com ADS Open Redirect Security Vulnerability
Based on news published, CNN users were hacked by both Open Redirect vulnerability in 2007.
According to E Hacker News on June 06, 2013, “(@BreakTheSec) came across a diet spam campaign that leverages the open redirect vulnerability in one of the top News organization CNN.”"The tweet apparently shows cyber criminals managed to leverage the open redirect security flaw in the CNN to redirect twitter users to the Diet spam websites." (E hacker News)
The vulnerability can be attacked without user login. Tests were performed on Chrome 32 in Windows 8 and Safari 6.16 in Mac OS X v10.7.
Reported by:
Wang Jing, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore.
http://www.tetraph.com/wangjing/
评论