Big, Brass Ones: Threat Level exploits cross-site scripting bug on CIA.gov

Threat Level utilized a relatively benign vulnerability in the CIA.gov web site to insert one of their stories into the URL, giving the appearance that the content is hosted by the agency's site. Their choice of story to inject into the CIA.gov web site is priceless, too: "U.S. Has Launched a Cyber Security 'Manhattan Project,' Homeland Security Chief Claims"

I have such a grin right now.

See the story [Tinyurl.com > CIA.gov]
Look Ma, I'm on CIA.gov [Threat Level]

Join the Conversation

2 Comments

Leave a comment

Your email address will not be published. Required fields are marked *