New eNom XSS vulnerability
Written by DP
Monday, 14 April 2008
CCC submitted a critical XSS vulnerability affecting eNom.com - the second largest domain name registrar and web hosting company.
Attackers may use this XSS to perform phishing attacks against millions of customers, the support staff at eNom and many resellers. Some of the unwanted consequences could be a mass change of DNS records, website defacements and theft of sensitive personal and corporate data.
eNom has been XSSed in the past:
Please read the following article to get an idea on how attackers can phish you and what to be aware of in order to prevent this: