A frustrated hacker has defaced the web site of the University of Vermont after multiple cross site scripting (XSS) vulnerability disclosures allegedly went ignored.
The hacker Codeine said the university was advised of XSS holes exactly one month ago but failed to patch the holes despite allegedly claiming to be doing so soon after the disclosure.
The disclosure was posted on PacketStorm.org.
The defacement read: "Is this how you all defend the privacy of your employees and students? Even after a month of being alerted of the multiple vulnerabilities, you take no action?"
Codeine claimed not to be a student of the university.
_(23).jpg&h=140&w=231&c=1&s=0)
_(22).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
