An Interest In:
Web News this Week
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
Some of Our Sources
- Simplebits
- TutsPlus - Design
- Vandelay Design
- CSS Globe
- 24 Ways
- Specky Boy
- CSS Tricks
- Willems Lab
- Hashedout
- The Verge
Help Webnuz
Referal links:
November 28, 2015 12:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/aA-w869uZWM/linkedins-own-css-abused-for-clickjacking-attacks
LinkedIn's Own CSS Abused For Clickjacking Attacks
An anonymous reader writes: LinkedIn has fixed a security bug that allowed attackers to use its own CSS code for clickjacking attacks. Basically attackers can create blog posts and load CSS classes from LinkedIn's own stylesheets. If a reader lands on that blog post, then a malicious link can be shown for the entire area of the page. Not something "unique" since this type of method is quite well-known, but you don't generally expect to find these kind of attacks on LinkedIn's own platform. (Here's a link to the LinkedIn security blog. Sorry for not linking to the particular blog — LinkedIn has a weird URL policy. It's the first one.)Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/aA-w869uZWM/linkedins-own-css-abused-for-clickjacking-attacks
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot