A cross-site scripting vulnerability (XSS) has been found in online payment processing firm PayPal’s website. The vulnerability allows arbitrary code execution and could be used in a Phishing attack to gather data from unsuspecting users.
A common technique employed by spammers to send large quantities of email is through the use of unsecured web forms like contact forms. The vulnerability they exploit is a form of Header Injection. There are several basic steps you can take to secure your web forms and prevent spam from originating from your website.
I’ve just got off of the phone with the lovely people at …. I have no idea what company, they certainly weren’t Orange that’s for sure! Its a scam, pure and simple.
Storm Twitter
5 Comments
