A frustrated hacker has defaced the web site of the University of Vermont after multiple cross site scripting (XSS) vulnerability disclosures allegedly went ignored.
The hacker Codeine said the university was advised of XSS holes exactly one month ago but failed to patch the holes despite allegedly claiming to be doing so soon after the disclosure.
The disclosure was posted on PacketStorm.org.
The defacement read: "Is this how you all defend the privacy of your employees and students? Even after a month of being alerted of the multiple vulnerabilities, you take no action?"
Codeine claimed not to be a student of the university.
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
