Comments Widget Exposed Many Websites to Attacks
A stored cross-site scripting (XSS) vulnerability found in a popular comments widget exposed a large number of websites to attacks. The security hole was quickly patched by the product’s developers.
A 14-year-old security enthusiast named Ibram Marzouk recently discovered a stored XSS flaw in the comments section of code snippet marketplace PasteCoin.
Read more: Comments Widget Exposed Many Websites to Attacks
Story added 24. January 2017, content source with full text you can find at link above.