Big, Brass Ones: Threat Level exploits cross-site scripting bug on CIA.gov

Posted by Joel Johnson, April 14, 2008 2:04 PM |

Threat Level utilized a relatively benign vulnerability in the CIA.gov web site to insert one of their stories into the URL, giving the appearance that the content is hosted by the agency's site. Their choice of story to inject into the CIA.gov web site is priceless, too: "U.S. Has Launched a Cyber Security 'Manhattan Project,' Homeland Security Chief Claims"

I have such a grin right now.

See the story [Tinyurl.com > CIA.gov]
Look Ma, I'm on CIA.gov [Threat Level]

posted in: Fuck Up
Favorite this! ( 3 )
Digg!
Send this to a Friend
Older A long evening with Bawls' high-caffeine G33k B33r
Newer Flash Game: Video Store Clerk (dot com) harvests real movie scores and gameplay to make a more accurate ratings system

Discussion

Take a look at this
#1 posted by pedmands , April 14, 2008 11:00 PM

It looks like Threat Level PWN'd the BB front page post of this story, too. *grins*!

Take a look at this
#2 posted by Moon , April 15, 2008 7:08 AM

Ha! Interesting. It didn't work for me, because I automatically have javascript turned off.

Post a comment

Anonymous