Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Flaw in Wix website builder risked computer worm

Michael Kan | Nov. 4, 2016
The problem resided with a cross-site scripting (XSS) vulnerability found in websites from Wix

Although the potential for this misuse was only theoretical, Austin said he began alerting Wix repeatedly about the vulnerability on Oct. 10, but heard nothing back. Previously he found bugs in Facebook, Yahoo and Spotify.

On Thursday, Wix responded and said the problem had been fixed. 

"We take the security of our customers very seriously. After thorough examination we can state that the issue has been addressed," the company said in an email. "We do operate a formal bug bounty program and are taking steps to widen the community."

Austin said the vulnerability should have been easy to patch with the deletion of a few lines of code. 

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.