The Latest in IT Security

Vulnerabilities in RunKeeper Allowed Cybercriminals to Run XSS Worm

12
Nov
2013

Portuguese security researcher David Sopas has identified a couple of vulnerabilities in RunKeeper, the highly popular fitness-tracking application.

According to the expert, the security holes a cross-site scripting (XSS) and a cross-site reference forgery (CSRF) could have been exploited by cybercriminals to run an XSS worm.

The CSRF issue impacted the Account Settings section.

Using an external HTML form, a crafted site with an a…

Related posts:
  1. CSRF Vulnerability in Instagram Allowed Hackers to Make Private Profiles Public
  2. Cybercriminals Exploit TP-Link Router CSRF Vulnerabilities to Hijack DNS Settings
  3. CSRF Vulnerability in Twitter Allowed Hackers to Read DMs, Post Tweets
  4. Drupal 7.24 and 6.29 Released to Fix Several Vulnerabilities
  5. Hack Proof Your ASP.NET Application Part 3

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

SATURDAY, APRIL 20, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments