Blogger Finds Faults in UK Parliament's Website

According to computer blogger Terence Eden, the official website of the UK Parliament contains basic flaws that have left it vulnerable to hacking.

Exploiting a well-known vulnerability allowed hackers to use the site's search engine to manipulate the web page. This has now been closed.

Terence Eden explained: "Because the domain is it carries with it a significant level of trust. Using XSS a spammer can place an HTML5 video selling their wares with an apparent Parliamentary endorsement. They can add links, images, sound - everything they need for a scam."

Eden revealed that attackers could have actually tricked MP's into revealing passwords by sending them a spoof email instructing them to carry out a password reset.

print this article

Return to internet news headlines
View Internet News Archive

Share with: