Advertisements

 New eNom XSS vulnerability

Written by DP

Monday, 14 April 2008

CCC submitted a critical XSS vulnerability affecting eNom.com - the second largest domain name registrar and web hosting company.

Mirror:
http://www.xssed.com/mirror/35304/


Attackers may use this XSS to perform phishing attacks against millions of customers, the support staff at eNom and many resellers. Some of the unwanted consequences could be a mass change of DNS records, website defacements and theft of sensitive personal and corporate data.

eNom has been XSSed in the past:
http://www.xssed.com/mirror/6160/

Please read the following article to get an idea on how attackers can phish you and what to be aware of in order to prevent this:

http://www.xssed.com/article/5/Paper_Applying_XSS_to_Phishing_Attacks/


        
Advertisements
Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.