Hein (fub) wrote,

  • Mood:

Hack through LJ embedding

LJ has been used as the vector for a cross-site scripting attack through embedded media. The hack was only effective for two hours, and there's no danger of computers being infected through this.

Read all about it here, and see if you were affected.

Why this matters: if you use a hotmail or other free webmail account as your LJ mail account, and the mail-account has been cleaned up because of inactivity, a smart attacker could re-enable the account and take control of your Journal through the 'mail me my new password'-functionality.
Otherwise, the worst that could happen is an increase in spam.
Tags: lj

  • Mock Chicken

    The Judge Dredd comics are an interesting artefact of the 1980s: it’s what British comic writers thought how the US urban landscape would…

  • Baking

    I have been making chocolates with flexible silicone molds, because those are easy to get the chocolate out of once it’s been set. I did try…

  • Kakiage

    I’ve been on a manga-reading spree these days. It all started out with Dungeon Meshi, which merges my interest in RPGs and dungeon delving…

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded