It looks like Sony PlayStation Store Website still has flaws in it and pretty major ones at that.
This XSS Vulnerability could be misused by hackers for phishing ie gaining your details. This lets XSS execute javascript code on a webpage that could steal your cookies and possibly steal your session and let the phishers impersonate you.
In the screenshot you can see that the backlink code behind "Back" button has been modified using XSS.
This exploit is done using Firefox and a bit of knowledge, and will not be posted on this forum.
The hackers that found this state that 70% of Sony's sites they tested still contained flaws.
check it out here
0 comments:
Post a Comment