The well-known social news website Reddit got hit from a very effective XSS (cross site scripting) attack on Sunday, September 27th.
The attack was rested on the fact that Reddit was not filtering out JavaScript in specific instances while a user was moving the mouse over the text field of the comments. (more…)
