Hacker News new | ask | show | jobs
by mathieuh 2057 days ago
No I mean the fact that this was possible on their website, XSS is one of the simplest things to test, in fact it was one of the standard tests UI testers would do on new screens.

Not saying they were compromised.
1 comments
ceejayoz 2057 days ago
It wasn't possible on their website.

They provide data feeds to many third parties, who might themselves be vulnerable, hence the notification.

link