Two Vulnerabilities in ESPN Mobile App
Author: admin | Category: Information Security | Leave a Comment
A popular ESPN app appears to be affected by two security issues. A cross-site scripting (XSS) flaw in the ESPN ScoreCenter app could be exploited to circumvent access controls to gain access to user data. The app is also reportedly vulnerable to an attack that could expose account usernames and passwords, which could be problematic for people who use
the same usernames and passwords across multiple accounts. ScoreCenter is a free app that is available for Android, iPhone, and Windows phone platforms. The flaws affect version 3.0 of the app. An ESPN spokesperson says that the problems have “been resolved.”