Egyptian information security advisor Ebrahim Hegazy (Zigoo) has found an XSS vulnerability in the Avira license. Avira team responded promptly and fixed the flaw in short time. Ebrahim has created 4 files: fake login page log.html, log log.php, log.txt and credentials. The log log will log the credentials as clear text into txt file avira.txt. It will show a congratulation message to fool the users. The hacker created the log log to log the user’s clear text data.
Source: https://thehackernews.com/2013/04/minor-flaw-allows-hacker-to-hijack_12.html