According to computer blogger Terence Eden, the official website of the UK Parliament contains basic flaws that have left it vulnerable to hacking.
Exploiting a well-known vulnerability allowed hackers to use the site's search engine to manipulate the web page. This has now been closed.
Terence Eden explained: "Because the domain is parliament.uk it carries with it a significant level of trust. Using XSS a spammer can place an HTML5 video selling their wares with an apparent Parliamentary endorsement. They can add links, images, sound - everything they need for a scam."
Eden revealed that attackers could have actually tricked MP's into revealing passwords by sending them a spoof email instructing them to carry out a password reset.
Return to internet news headlines
View Internet News Archive