A potential hacker can also view the email ids or credit cards/debit card information of all booking.com customers.
The CSRF attack can also be mounted through by adding review /comment on Booking.Com website.
Booking.com offers online accommodation booking.
It has over 540,000 properties globally under contract and deals with more than 650,000 room nights reservations per day.
Booking.com is available in more than 41 languages.
Priceline, the holding company has reported 2013 fourth quarter revenue of $1.54 billion.
Below is the Critical one !
We are awaiting Booking.Coms reply to this vulnerability which can put its millions of customer data at risk.
@Techworm_inHello, we are on top of this activity and have assigned a dedicated group to investigate this.
Regards, Andrea
Booking.com (@bookingcom)October 12, 2014
Read More
source: www.techworm.net
