Just a note that I came across a post in another forum which alerted readers to malicious javacode in the URL of the website, ushmm(dot)org. This site is for the United States Holocaust Museum. The [b]Securi [/b] report shown at the link below appears to confirm this problem ("hxxp" has been substituted for "http"):
hxxp://sitecheck.sucuri.net/results/ushmm.org
According to the report, the javacode inserts a Phoenix exploit.
I know one of the Moderators on the site where I saw this alert indicated he was going to notify the IT staff at the museum about the issue. Looks like they got the word and must have corrected the problem.
Bright Cloud gives it a suspicious with index yellow 39 meaning there is a higher than average probability that the user will be exposed to malicious links or payloads. So there certainly was a vulnerability there that was abused.
Good avast flagged it for what it was.
Sucuri is not flagging it any longer here: hxtp://sitecheck.sucuri.net/results/http://ushmm.org/
so they apparently did some cleanse-up.
If it has/had malware at any time then that was a shame really, because it is a Norton secured site, re: htxp://safeweb.norton.com/report/show?url=http%3A%2F%2Fwww.ushmm.org%2F
At least that protection failed them once big time then…good we have avast!