A common Web programming error could give hackers a way to take over Google Buzz accounts with cross site scripting, a security expert said. The most-rewarded flaw is XSS, which is among those that are relatively cheap for organizations to identify. The high-severity cross-site scripting flaws could allow remote-code injection on QNAP NAS systems. Read the full article here: Cybersecurity expert: XSS is a relatively low-cost flaw that is relatively easy to identify.
Source: https://threatpost.com/google-buzz-open-xss-hacks-021710/73547/