Digg.com Link-Injection Vulnerability
Beni (of mybeni websecurity) has just revealed to me a serious XSS link-injection vulnerability with digg.com. Check out the screenshot below.
If Beni decides to release the digg XSS, you’ll see it here first! (But check back in a week’s time after we’ve abused it 
)
So, instead of Digg gaming its own system…
Pretty stupid abusing XSS (== hacking), they’ll prosecute you once they find out.
Obviously, you have little experience of using XSS exploits! Can you provide a single instance of prosecution for XSS link injection? I thought not! Also, consider the purpose of the post!
Ok, the myspace XSS worm has 3 years of probation + community service + can’t use a computer any more.
*worm creator
Link: http://www.securecomputing.net.au/news/45262,myspace-superworm-creator-sentenced-to-probation-community-service.aspx
There’s a significant difference between a worm and link injection!
I see a lot of potential in link injection to get pages indexed that link to your site.. search engine queries, directory pages and whatnot.