{"id":8907,"date":"2022-02-02T12:02:06","date_gmt":"2022-02-02T12:02:06","guid":{"rendered":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/"},"modified":"2022-02-02T12:02:06","modified_gmt":"2022-02-02T12:02:06","slug":"live-xss-flaw-exists-in-dmca-dot-com-the-register","status":"publish","type":"post","link":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/","title":{"rendered":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register"},"content":{"rendered":"<p> <a href=\"https:\/\/go.fiverr.com\/visit\/?bta=1052423&nci=17043\" Target=\"_Top\"><img loading=\"lazy\" decoding=\"async\" border=\"0\" src=\"https:\/\/fiverr.ck-cdn.com\/tn\/serve\/?cid=40081059\" loading=\"lazy\"  width=\"601\" height=\"201\"><\/a>\n<\/p>\n<div id=\"body\">\n<p>There is a live cross-site scripting (XSS) vulnerability in takedowns website DMCA-dot-com&#8217;s user interface. It&#8217;s existed for more than a year and the site&#8217;s operators don&#8217;t appear to be interested in fixing it.<\/p>\n<p>Infosec researcher Joel Ossi, founder of Dutch security firm Websec, announced his findings after spending more than a year trying and failing to get DMCA-dot-com to take the XSS seriously.<\/p>\n<p>&#8220;I registered at DMCA at first with an intention to protect my own website,&#8221; he <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/websec.nl\/blog\/606ecfec2f798a048269340e\/dmcacom%20hack%20full%20disclosure%20with%20proof-of-concept\">blogged<\/a>, explaining that he found unescaped free-text entry boxes in the DMCA user interface allowed him to create an XSS.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n        <noscript><br \/>\n            <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" loading=\"lazy\" alt=\"\"\/><\/a><br \/>\n        <\/noscript>\n    <\/div>\n<p>DMCA-dot-com is a copyright takedown service. Users pay the site to handle the tedious part of getting an alleged copyright infringer to delete content from the World Wide Web, using the infamous US Digital Millennium Copyright Act. Prices can be as high as $199 for a takedown.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" loading=\"lazy\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\">\n                <noscript><br \/>\n                    <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                        <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" loading=\"lazy\" alt=\"\"\/><\/a><br \/>\n                <\/noscript>\n            <\/div>\n<\/p><\/div>\n<p>Ossi showed <i>The Register<\/i> his live findings on a video call. Every single time he clicked to a new webpage in the DMCA-dot-com user area, the classic XSS tell-tale \u2013 a popup with a custom message \u2013 appeared. The script to do so was really quite simple:<\/p>\n<div class=\"CaptionedImage Center Border\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2022\/02\/01\/dmca_com_xss_poc.jpg\" loading=\"lazy\" alt=\"The code needed to invoke a simple XSS on DMCA-dot-com\" title=\"The code needed to invoke a simple XSS on DMCA-dot-com\" height=\"585\" width=\"537\"\/><\/p>\n<p class=\"text_center\">The code needed to invoke a simple XSS on DMCA-dot-com<\/p>\n<\/div>\n<p>He went public with his findings after a year spent trying and failing to get the interest of DMCA-dot-com&#8217;s operators when he first found the vuln in late 2020.<\/p>\n<p>&#8220;Our development team will be reaching out if \/ when they need to. Our support department cannot help you on this,&#8221; said the last message sent to Ossi by DMCA-dot-com as he tried to get uninterested helpdesk folk to pass along his vuln report.<\/p>\n<p>While he asked for a bug bounty, <i>El Reg<\/i> confirmed that Ossi had made full private disclosure of his findings before raising the question of payment.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" loading=\"lazy\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>Both Ossi and <i>The Register<\/i> made multiple attempts to contact DMCA-dot-com. In our case the company didn&#8217;t even acknowledge our efforts to get in touch.<\/p>\n<div class=\"CaptionedImage Center Border\"><a href=\"https:\/\/regmedia.co.uk\/2022\/02\/01\/dcma_com_emails.jpg\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2022\/02\/01\/dcma_com_emails.jpg?x=648&amp;y=648&amp;infer_y=1\" loading=\"lazy\" alt=\"Support tickets raised by Ossi with DMCA-dot-com's helpdesk\" title=\"Support tickets raised by Ossi with DMCA-dot-com's helpdesk\" height=\"648\" width=\"648\"\/><\/a><\/p>\n<p class=\"text_center\">Support tickets raised by Ossi with DMCA-dot-com&#8217;s helpdesk in September 2020<\/p>\n<\/div>\n<p>While he may have been the first, Ossi isn&#8217;t the only researcher to find the XSS vulns in DMCA-dot-com. Two separate entries on the Open Bug Bounty site show XSS vulns in DMCA, one dating <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.openbugbounty.org\/reports\/2069856\/\">from April<\/a> last year and the other <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.openbugbounty.org\/reports\/2069856\/\">from June<\/a>.<\/p>\n<p>As <em>Reg<\/em> readers know, cross-site scripting vulnerabilities let a malicious person execute scripts on somebody else&#8217;s website. As explained <a target=\"_blank\" href=\"https:\/\/cwe.mitre.org\/data\/definitions\/79.html\" rel=\"noopener\">by MITRE<\/a>, the flaw typically exists because free text entry forms don&#8217;t sanitise user inputs.<\/p>\n<p>&#8220;The most common attack performed with cross-site scripting involves the disclosure of information stored in user cookies,&#8221; says MITRE. &#8220;Typically, a malicious user will craft a client-side script, which \u2013 when parsed by a web browser \u2013 perform, some activity (such as sending all site cookies to a given E-mail address).&#8221;<\/p>\n<p>Harvesting active login tokens from cookies could give an attacker access to your account on DMCA-dot-com. Ossi told us it wouldn&#8217;t take much to falsely run up billable services, remove DMCA-dot-com&#8217;s protection features from a given webpage or close an account.<\/p>\n<p>Jake Moore, global cybersecurity advisor to infosec firm ESET, told <i>The Register<\/i>: &#8220;Cross-site scripting vulnerabilities can allow an attacker to masquerade as a standard user and carry out any actions that the user is able to perform such as access the user&#8217;s data. User accounts can then ultimately be compromised and credentials or other information could be stolen with great ease.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\">\n            <noscript><br \/>\n                <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"><br \/>\n                    <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yfpyvk2Jx-GWEJ3JN38ZmgAAAFg&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" loading=\"lazy\" alt=\"\"\/><\/a><br \/>\n            <\/noscript>\n        <\/div>\n<p>Immersive Labs&#8217; app security specialist Sean Wright added: &#8220;Despite the fact they have been a part of the attacker toolkit for some time, many still underestimate the risks from XSS vulnerabilities. However, they are effectively client side remote code execution vulnerabilities. In the right circumstances, and combined with tools such as the Browser Exploitation Framework, XSS vulnerabilities give an attacker almost complete control of a browser. Ultimately, this could lead to redirects to malicious sites and even performing actions on behalf of the user.&#8221;<\/p>\n<p>It is to be hoped that someone responsible at DMCA-dot-com pays attention to this year-and-a-half-old vuln disclosure. If it&#8217;s been around this long, somebody might be using it to do something bad. \u00ae<\/p>\n<\/p><\/div>\n<iframe data-lazy=\"true\" data-src=\"https:\/\/www.fiverr.com\/gig_widgets?id=U2FsdGVkX18x7XQvttUTrv1oEqmGNGTgvvCUiUoJ\/AP4z\/UyMz8lXGOLpu15jIMxBbTR0gmD5uBoFvhC4KWeALQRp3h\/X\/AwcVD0K8Wj9H\/ZzYKzcCNHosB9oS4SCJJFWiN85P9ICAc4OgCoE\/wHKIY7CDkf2\/DQ1vqGvk4smVe5cRDEmrLPCWi4FC8p40VUhSmWQ5udCm0zoJtorgWv3vbDQw0kKYkwn39ozAnQXDe+YvWMxkLFWA+O3TFwkJvdkIK+\/AUSnRssPKt5WHY0FhNOxnSPcLslEL4G4\/RfP95ve99U+kRnDy3X+KtzdQLY+u935ghON\/o3UE4IMv9oN6JX9RnxzL\/LRcOgnHigxStSGPKsZYtnz8RWNVT\/rOLAibqiWJadC5MYHRbekF3eg6FOGrQGkXYbsn0+a5aovnlLCbLwIqY9fcS17UX8J235iQ6cdmHNbrPeS84CMm34RA==&affiliate_id=1052423&strip_google_tagmanager=true\" loading=\"lazy\" data-with-title=\"true\" class=\"fiverr_nga_frame\" frameborder=\"0\" height=\"350\" width=\"100%\" referrerpolicy=\"no-referrer-when-downgrade\" data-mode=\"random_gigs\" onload=\" var frame = this; var script = document.createElement('script'); script.addEventListener('load', function() { window.FW_SDK.register(frame); }); script.setAttribute('src', 'https:\/\/www.fiverr.com\/gig_widgets\/sdk'); document.body.appendChild(script); \" ><\/iframe>\n<br \/><a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/02\/02\/dmca_com_live_xss_flaw\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There is a live cross-site scripting (XSS) vulnerability in takedowns website DMCA-dot-com&#8217;s user interface. It&#8217;s existed for more than a year and the site&#8217;s operators&#8230;<\/p>\n","protected":false},"author":1,"featured_media":8908,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-8907","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-universe"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog<\/title>\n<meta name=\"description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog\" \/>\n<meta property=\"og:description\" content=\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/\" \/>\n<meta property=\"og:site_name\" content=\"mailinvest.blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelanceracademic\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-02T12:02:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"432\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin@mailinvest.blog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin@mailinvest.blog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/\"},\"author\":{\"name\":\"admin@mailinvest.blog\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\"},\"headline\":\"Live XSS flaw exists in DMCA-dot-com \u2022 The Register\",\"datePublished\":\"2022-02-02T12:02:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/\"},\"wordCount\":702,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/shutterstock_hole.jpg\",\"articleSection\":[\"Tech Universe\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/\",\"name\":\"Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/shutterstock_hole.jpg\",\"datePublished\":\"2022-02-02T12:02:06+00:00\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/shutterstock_hole.jpg\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/shutterstock_hole.jpg\",\"width\":648,\"height\":432},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/2022\\\/02\\\/02\\\/live-xss-flaw-exists-in-dmca-dot-com-the-register\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mailinvest.blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Live XSS flaw exists in DMCA-dot-com \u2022 The Register\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#website\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"name\":\"mailinvest.blog\",\"description\":\"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mailinvest.blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#organization\",\"name\":\"mailinvest\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"contentUrl\":\"https:\\\/\\\/mailinvest.blog\\\/wp-content\\\/uploads\\\/2022\\\/01\\\/default.png\",\"width\":1000,\"height\":1000,\"caption\":\"mailinvest\"},\"image\":{\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/freelanceracademic\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mailinvest.blog\\\/#\\\/schema\\\/person\\\/012701c4c204d4e4ebd34f926cfd31a4\",\"name\":\"admin@mailinvest.blog\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g\",\"caption\":\"admin@mailinvest.blog\"},\"sameAs\":[\"https:\\\/\\\/mailinvest.blog\",\"admin@mailinvest.blog\"],\"url\":\"https:\\\/\\\/mailinvest.blog\\\/index.php\\\/author\\\/adminmailinvest-blog\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/","og_locale":"en_US","og_type":"article","og_title":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog","og_description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","og_url":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/","og_site_name":"mailinvest.blog","article_publisher":"https:\/\/www.facebook.com\/freelanceracademic\/","article_published_time":"2022-02-02T12:02:06+00:00","og_image":[{"width":648,"height":432,"url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg","type":"image\/jpeg"}],"author":"admin@mailinvest.blog","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin@mailinvest.blog","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#article","isPartOf":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/"},"author":{"name":"admin@mailinvest.blog","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4"},"headline":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register","datePublished":"2022-02-02T12:02:06+00:00","mainEntityOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/"},"wordCount":702,"commentCount":0,"publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg","articleSection":["Tech Universe"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/","url":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/","name":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register - mailinvest.blog","isPartOf":{"@id":"https:\/\/mailinvest.blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#primaryimage"},"image":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#primaryimage"},"thumbnailUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg","datePublished":"2022-02-02T12:02:06+00:00","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis.mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what's new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","breadcrumb":{"@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#primaryimage","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/02\/shutterstock_hole.jpg","width":648,"height":432},{"@type":"BreadcrumbList","@id":"https:\/\/mailinvest.blog\/index.php\/2022\/02\/02\/live-xss-flaw-exists-in-dmca-dot-com-the-register\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailinvest.blog\/"},{"@type":"ListItem","position":2,"name":"Live XSS flaw exists in DMCA-dot-com \u2022 The Register"}]},{"@type":"WebSite","@id":"https:\/\/mailinvest.blog\/#website","url":"https:\/\/mailinvest.blog\/","name":"mailinvest.blog","description":"Technology is forever changing, and there are always new pieces of technology to replace obsolete ones. Tons of people enjoy reading tech blogs on a daily basis. mailinvest.blog tracks all the latest consumer technology breakthroughs and shows you what&#039;s new, what matters and how technology can enrich your life. mailinvest.blog also provides the information, tools, and advice that helps when deciding what to buy.","publisher":{"@id":"https:\/\/mailinvest.blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailinvest.blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailinvest.blog\/#organization","name":"mailinvest","url":"https:\/\/mailinvest.blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/","url":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","contentUrl":"https:\/\/mailinvest.blog\/wp-content\/uploads\/2022\/01\/default.png","width":1000,"height":1000,"caption":"mailinvest"},"image":{"@id":"https:\/\/mailinvest.blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelanceracademic\/"]},{"@type":"Person","@id":"https:\/\/mailinvest.blog\/#\/schema\/person\/012701c4c204d4e4ebd34f926cfd31a4","name":"admin@mailinvest.blog","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/98ed217bd0f3d6a6dcae2d9b0c76e305b049a07275e315e1407e19ec8b08e139?s=96&d=mm&r=g","caption":"admin@mailinvest.blog"},"sameAs":["https:\/\/mailinvest.blog","admin@mailinvest.blog"],"url":"https:\/\/mailinvest.blog\/index.php\/author\/adminmailinvest-blog\/"}]}},"_links":{"self":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/8907","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/comments?post=8907"}],"version-history":[{"count":0,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/posts\/8907\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media\/8908"}],"wp:attachment":[{"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/media?parent=8907"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/categories?post=8907"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailinvest.blog\/index.php\/wp-json\/wp\/v2\/tags?post=8907"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}