You are here: Home › News Archive › Youtube got Pwned

Youtube got Pwned

Several hours ago, someone found an HTML injection vulnerability in YouTube’s comment system, and since then sites such as 4chan have had a field day with popular videos. The bug is triggered by placing a script tag at the beginning of a post. The tag itself is escaped, but everything following it is cheerfully placed in the page as is. Blacked out pages with giant red text scrolling across them, shock site redirects, and all sorts of other fun things have been spotted. YouTube has currently blocked such comments from being posted and set the comments section to be hidden by default, and appears to be in the process of removing some of these comments, but the underlying bug does not seem to have been fixed yet.”

Lol. One clever script kiddie added a bomb that didn’t alter anything on the page except change the video to one man one jar. Look it up.

edit: it is definately time to change your youtube/gmail/google passwords.

Rating: 0 (from 0 votes)

4 Responses to "Youtube got Pwned"

Nalixor says:

July 4, 2010 at 10:34 pm

I hear it was Ebaumsworld.

VA:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Log in to Reply
satori says:

July 4, 2010 at 10:43 pm

Nalixor;1605594 wrote: I hear it was Ebaumsworld.

I think it was every internet low life once the word got around. One 4-channer was claiming to have grabbed 300K+ session cookies.

VA:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Log in to Reply
gunsella says:

July 5, 2010 at 12:30 am

haha china ftw. we don’t have youtube so we aren’t threatened by your western viruses leaking into our bedrooms. long live chairman mao. long live the people’s republic of china.

VA:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Log in to Reply
Hairyman says:

July 5, 2010 at 11:15 am

and fuck you Hans Brix!!!!!

VA:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Log in to Reply

Login
Password

Leave a Reply Cancel reply