A security consultant has notified Skype of a cross-site scripting flaw that could be used to change the password on someone’s account. Skype said it would issue a fix next week. The problem lies in a field where a person can input their mobile phone number. The flaw affects the latest version of Skype, 5.3.0.120, on Windows XP, Vista and 7 as well as Mac OS X. Skype disagreed somewhat with the consultant’s description of the issue, characterizing it as minor.”]
Source: https://www.csoonline.com/article/2129070/researcher-claims-dangerous-vulnerability-in-skype.html