Barack Obama’s official site was hacked ahead of the presidential primaries in Pennsylvania.
According to XSSed.com, a critical script insertion vulnerability affected my.barackobama.com, Barack Obama’s official social networking site for his supporters. A prankster reportedly took advantage of it, redirecting the Illinois Senator’s website to Hillary Clinton’s campaign by injecting an iframe into the title parameter of a personal group.
According to Symantec, someone embedded the computer code into a posting on the Obama blog, where the cross-site scripting (XSS) vulnerability was initiated. This common type of vulnerability can be used to automatically redirect Web browsers viewing the affected page to another site of the attacker’s choice. It could also be used to install malicious software from third-party sites or to pop up a fake campaign contribution page to steal money from Obama supporters, Zulfikar Ramzan, a senior researcher at Symantec, reportedly stated.
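The class of flaw described above, as an added example that is not code from the Obama site, XSSed.com or Symantec: a group title written into a page without output encoding, beside the encoded form, with a parser check on which elements the rendered page actually contains. The function names, the page template and the sample title are constructed for illustration; how the real site rendered titles or fixed the flaw is not stated in the reports.

```python
import html
from html.parser import HTMLParser

# Constructed sample input: a group title that carries markup instead of text.
SAMPLE_TITLE = 'Volunteers <iframe src="https://example.invalid/"></iframe>'

# Elements the (hypothetical) template itself is expected to emit.
TEMPLATE_TAGS = {"div", "h1"}


def render_group_unsafe(title: str) -> str:
    """'Before' form: user-supplied title is concatenated into the HTML as-is."""
    return f'<div class="group"><h1>{title}</h1></div>'


def render_group_safe(title: str) -> str:
    """Hardened form: the title is HTML-encoded at the point of output."""
    return f'<div class="group"><h1>{html.escape(title, quote=True)}</h1></div>'


class _Collector(HTMLParser):
    """Records every start tag and all text the parser sees."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags, self.text = [], []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

    def handle_data(self, data):
        self.text.append(data)


def parse(page: str):
    collector = _Collector()
    collector.feed(page)
    collector.close()
    return collector.tags, "".join(collector.text)


def unexpected_tags(page: str):
    """Elements present in the rendered page that the template did not emit."""
    tags, _ = parse(page)
    return [t for t in tags if t not in TEMPLATE_TAGS]


if __name__ == "__main__":
    print("unsafe:", unexpected_tags(render_group_unsafe(SAMPLE_TITLE)))
    print("safe:  ", unexpected_tags(render_group_safe(SAMPLE_TITLE)))
```

The same `unexpected_tags` check can serve as a regression test over rendered pages: any element that did not come from the template means user input reached the markup unencoded.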
It seems the developers have taken the initiative to correct the issue, as it appears to have been fixed. Or has it? Maybe they have deleted the post and are just watching new posts more carefully.
Hillary Clinton’s site is reportedly also vulnerable: according to XSSed.com, HillaryClinton.com contains a cross-site scripting flaw.