14 DAY TRIAL // Alexander Fuchs and Benjamin Kunz Mejri from the Vulnerability Research Laboratory discovered a persistent script code injection vulnerability in the White House's official website.
The vulnerability, rated as a high security risk, affected the site's petition system. A successful exploitation of the weakness could have allowed an attacker to inject a malicious code, which may have led to things such as backend session hijacking, manipulation of profile content or defacement.
“The petition system is vulnerable. Every Petition i start or join will execute my code. I could join all petitions and my code will be executed on all users who visit the petition system,” Fuchs said, according to The Hacker News.
Fortunately, the issue was handled in a matter of days but after the latest incidents it turns out that the White House should really improve on their security before cybercriminals discover some other flaws.