Myspace

From past 2 months Myspace has been in news. This time its a new vulnerability found in XSS.

When the exploit code (i.e JavaScript) runs it redirect a user to other website. the redirected URL is a phishing URL which is used to steal the user name and password of Myspace account.

The script also contains code to modify user profile on Myspace and adding a movie file.

We have added the detection for the exploit Javascript as JS.QSpace.A