Pinterest vulnerable to XSS and iframe attack vectors


Security researcher Shadab Siddiqui recently uncovered several vulnerabilities in the social media site Pinterest, which has more than 10 million active users. A security researcher identified a cross-site scripting (XSS) vulnerability and an iframe injection issue that could allow a hacker to hijack user accounts and perform other malicious operations.

The security researcher also found a URL redirection flaw that could be leveraged to redirect the site's visitors to other potentially malicious domains. These flaws have been made available to the Pinterest admins.

March 1, 2012
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023