FA+
Shop
WARNING: XSS Vulnerablity on FA!
14 years ago
General
May my fist's unit all!-Ieyasu Tokugawa(SBSH)
Taken from
leonkatlovre
PLEASE READ!!!
---
Hi all!
There is a nasty little XSS hack which is spreading on FA atm! For your own sanity please don't click/read any journals posted with the following titles:
"Wow, did I just say something."
"Fine, why should I care?"
"So that's the secret of the universe"
"The secret of the universe is so simple"
"All of the Bebop crew are high"
"I don't remember making this journal."
"I like this episode! "
"I got a whole remedy for that: MUSHROOMS!"
"Obnoxious little frog! "
"this guy should be banned" (This one is unverified)
If you do - you will automatically post a journal of your own with the same title via an XSS hack. Now if you *HAVE* clicked on any links on any journals with the above names - check your "MY JOURNALS" and be sure to delete any with the above titles posted ASAP to stop this spreading.
DO NOT WORRY - YOUR ACCOUNT/PASSWORD IS SAFE - THIS HACK JUST DOES A POST USING XSS AND IT IS NOT FROM SOMEONE STEALING YOUR USERNAME AND PASSWORD!
leonkatlovrePLEASE READ!!!
---
Hi all!
There is a nasty little XSS hack which is spreading on FA atm! For your own sanity please don't click/read any journals posted with the following titles:
"Wow, did I just say something."
"Fine, why should I care?"
"So that's the secret of the universe"
"The secret of the universe is so simple"
"All of the Bebop crew are high"
"I don't remember making this journal."
"I like this episode! "
"I got a whole remedy for that: MUSHROOMS!"
"Obnoxious little frog! "
"this guy should be banned" (This one is unverified)
If you do - you will automatically post a journal of your own with the same title via an XSS hack. Now if you *HAVE* clicked on any links on any journals with the above names - check your "MY JOURNALS" and be sure to delete any with the above titles posted ASAP to stop this spreading.
DO NOT WORRY - YOUR ACCOUNT/PASSWORD IS SAFE - THIS HACK JUST DOES A POST USING XSS AND IT IS NOT FROM SOMEONE STEALING YOUR USERNAME AND PASSWORD!
Miff
~miffthefox
Techinically it's XSRF, not XSS.
werewolfjedi5
~werewolfjedi5
how do you know?
Ruska
~ruska
obviously he's the one who did it
MegaPatron
~megapatron
OP
GAH FOILED AGAIN
MegaPatron
~megapatron
OP
cuz im spreading the words from others :P
Mriya
~mriya
HOLY SHIT THE WORLD IS ENDING! 8O
MegaPatron
~megapatron
OP
AAAAUUUUGH! D8
Dragonkick
~dragonkick
Thanks for the heads up, I saw a sudden influx of 20 new journals and knew something was up
Osprey Hawk
~osprey
My heads up about something fishy was the 100+ journals with half of them deleted.
MegaPatron
~megapatron
OP
yea i noticed that as well >_>
ShinFox
~shinfox
is the Apocalypse? >.=.>
Koda
~apathetic
Thanks for this Mega. I had actually clicked on one of these earlier, didn't even realize till just now that I had posted 2 journals. :x
Redward
~redward
its a good thing they did not write "Here is the new Nye cat hype that's been going around"
MegaPatron
~megapatron
OP
XDD
Slegiar -Sleggy- Dryke
~flamingdragon
didn't notice if it caught it or not, but if you're running noscript, would that keep the hack from activating?
MegaPatron
~megapatron
OP
not sure o_o;
Slegiar -Sleggy- Dryke
~flamingdragon
hmm...cause i clicked 2 journal posts but nothing inside the journal's themselves and nothings happened yet
MegaPatron
~megapatron
OP
ahhhh. maybe they stopped it. but im not sure
doomwolf
~doomwolf
I saw one that that satd "The cast of Bebop is drunk".
doomwolf
~doomwolf
or something like that.
Mewtwolover
~mewtwolover
NoScript should block those.
