New eNom XSS vulnerability

Written by DP

Monday, 14 April 2008

CCC submitted a critical XSS vulnerability affecting - the second largest domain name registrar and web hosting company.


Attackers may use this XSS to perform phishing attacks against millions of customers, the support staff at eNom and many resellers. Some of the unwanted consequences could be a mass change of DNS records, website defacements and theft of sensitive personal and corporate data.

eNom has been XSSed in the past:

Please read the following article to get an idea on how attackers can phish you and what to be aware of in order to prevent this:

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.