Net users warned to beware sites with scripting holes
As a result, Internet users who repose trust in such sites may be susceptible to an array of attacks from malicious third parties, including theft of passwords, credit card numbers, browser cookies, and other private data.
"The real impact of this vulnerability is not on sites but on their visitors. The sites consider it a minor issue, but for visitors, it's a pretty big security and privacy matter. They could be giving away personal information without knowing it," said Jason Rafail, an Internet security analyst with CERT.
The link for this article located at ComputerUser is no longer available.