In what a researcher in India called “a very quick turnaround,” LinkedIn implemented a fix for a persistent cross site scripting (XSS) vulnerability he discovered and which a Threat Post blog penned by Kaspersky Lab’s Chris Brook said “could have been exploited to spread a worm on the service’s help forums.”
Brook cited researcher Rohit Dua in a Threat Post as saying that the social media company fixed the vulnerability, found in a Help Center site portal, within three hours of his reporting it. A user signing into to LinkedIn could have exploited the vulnerability by going to the help forum and then starting a discussion. By entering in a few lines of code, “Dua claims an attacker could’ve executed script.”
The Threat Post quoted Dua as saying in his proof of concept that “Once the question gets posted, it, along with the script execution, can be immediately viewed in Help Forum –> Your Discussions or in the questions public list, or the questions page of your tag.” As a result, if the vulnerability was exploited, the attacker could have leveraged it for an XSS worm, Brook wrote.
“This responsibly disclosed issue was in our help center portal, not on the main site, and no member data was at risk. The researcher was great to work with which helped us fix the issue in a very timely manner. There has been no exploitation or abuse of this issue on our help portal. We would like to thank the researcher for his great write-up and helping protect our members,” a LinkedIn statement said, according to the Threat Post.