Click to Skip Ad
Closing in...

YouTube hit with cross-site scripting vulnerability, Justin Bieber videos targeted

Updated Dec 19th, 2018 6:42PM EST

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Sunday, users of Google’s video service YouTube were exposed to a cross-site scripting vulnerability that put the cookies of those visiting affected video pages at risk. Those employing the scripting vulnerability targeted videos of popular teen singer Justin Bieber, as some visitors saw: “tasteless messages pop up about the teen star, and were also redirected to external sites with adult content,” according to blog NetworkWorld. Google released a statement saying: “Comments were temporarily hidden by default within an hour, and we released a complete fix for the issue in about two hours. We’re continuing to study the vulnerability to help prevent similar issues in the future.” Google was also quick to point out that the compromised YouTube cookies did not provide unauthorized third-parties with access to users Google Accounts. Read