YouTube open to cross site scripting!

Hi malware fighters,

They warned us that it was only a matter of time before malware hackers could abuse YouTube. Here is the hole found to do this:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051451.html

While YouTube stays highly de-regulated, you better scan every link with DrWeb’s before opening them up. Maicious code can only be turned into malware by starting it up (self-sought or automatically). So be aware while watching those video’s. So it seems the regulators got some help from malcreants to get where they wanna go, and do not even go as far as to outlaw external linking (the end of the blog as we have known it probably!). Why the regulators and the de-regulators often seems to go hand in hand to achieve the goals that seems not desirable by us?

polonus

P.S. When you have the Netrcraft toolbar installed you are warned and protected against these infections through cross-site scripting!

D.

Was only a mter of time. Cant scan with the link checker on a mac but Ill install it on My Windows PC.
Thanks for the heads up

Thanks polonus.

You can bookmark this link and use that to manually check a link http://online.drweb.com/?url=1, paste the link you want to check into the entry window and click Scan, that should be it. You should be able to check it using your Mac browser and not have to switch OS just to check it out.

thanks