Security researcher Shadab Siddiqui recently uncovered several vulnerabilities in the social media site Pinterest, which has more than 10 million active users. A security researcher identified a cross-site scripting (XSS) vulnerability and an iframe injection issue that could allow a hacker to hijack user accounts and perform other malicious operations.
The security researcher also found a URL redirection flaw that could be leveraged to redirect the site's visitors to other potentially malicious domains. These flaws have been made available to the Pinterest admins.
View all comments