A Romanian hacker has posted a
proof-of-concept attack exploiting vulnerabilities on
the Pentagon’s public Website that were first exposed
several months ago and remain unfixed.

The hacker, who goes by Ne0h, demonstrated input
validation errors in the site’s Web application that
allow an attacker to wage a cross-site scripting (XSS)
attack. The XSS vulnerability had been previously
disclosed by at least two

other researchers
several months ago — and Ne0h’s
findings show the bug is still on the site.

Оставить мнение

Check Also

Пишешь на С++ или .NET? Даем скидку 50% на Deleaker, программу для поиска утечек памяти

Deleaker — это программа для разработчиков под Windows, пишущих на C++. Она ищет утечки па…