Skype HTML Injection and Caller Spoofing
The latest Windows Skype client as of 7/7/2013 has a couple of bugs that enable Restricted HTML Injection and To/From Caller Spoofing. It is possible to inject certain HTML tags in the search bar. It is possible to swap who is calling who locally by adding the token=1 argument. It is possible to bypass the application launch and call confirmation dialog windows if Skype link is launched from Injection. @LightOS - http://www.websec.ca
The latest Windows Skype client as of 7/7/2013 has a couple of bugs that enable Restricted HTML Injection and To/From Caller Spoofing. It is possible to inject certain HTML tags in the search bar. It is possible to swap who is calling who locally by adding the token=1 argument. It is possible to bypass the application launch and call confirmation dialog windows if Skype link is launched from Injection. @LightOS - http://www.websec.ca