A report about the vulnerability found in Koo reveals that the issue stems from a stored cross-site scripting (XSS) flaw in Koo's web application. According to researchers, this flaw allowed attackers to plant malicious scripts inside the vulnerable web application.
To carry out an attack, an attacker only had to log into the service through the web application and submit a post containing an XSS payload to the timeline. That payload was stored and then executed automatically in the browser of everyone who viewed the post.
A security researcher, Rahul Kankrale, identified the vulnerability and reported it, after which a patch with a fix was released by Koo on the 3rd of July.
Cross-site scripting allows an attacker to take advantage of vulnerabilities in a web application to run script in a victim's browser and carry out actions on that user's behalf, with the same rights as the user. For example, cross-site scripting can allow an attacker to steal authentication cookies stored in the browser.
What is most concerning about this security flaw in Koo is that it behaved as an XSS worm: the malicious code spread automatically to everyone who viewed an infected post and went on to infect further users in a chain reaction, with no interaction required from the victim.
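As an added illustration (not Koo's code, whose internals the report does not show), the rendering mistake that makes a stored post executable for every viewer, beside the output-encoding fix and the cookie attribute that blunts the cookie-theft impact described above. The sample post is constructed and its script body is inert:

```python
import html
import re
from dataclasses import dataclass

# Constructed sample post text: the shape a stored-XSS payload has once it
# sits in the database. The script body is deliberately inert; it exists only
# to show that the unsafe renderer emits it as markup and the safe one as text.
SAMPLE_POST = "<script>/* constructed, inert */</script>Hello timeline"


@dataclass
class Post:
    author: str
    body: str


def render_timeline_unsafe(posts):
    """Vulnerable pattern: stored text is concatenated straight into HTML,
    so any <script> inside a post becomes live markup for every viewer."""
    return "".join(f"<article><b>{p.author}</b>: {p.body}</article>" for p in posts)


def render_timeline_safe(posts):
    """Fixed pattern: every untrusted field is HTML-escaped at output time,
    turning '<' into '&lt;' so the browser treats it as text, not markup."""
    return "".join(
        f"<article><b>{html.escape(p.author)}</b>: {html.escape(p.body)}</article>"
        for p in posts
    )


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def contains_script_tag(markup: str) -> bool:
    """Regression check a test suite can run over rendered timeline output:
    a raw <script> tag in the response means encoding was skipped somewhere."""
    return SCRIPT_TAG.search(markup) is not None


def session_cookie_header(session_id: str) -> str:
    """Defence in depth for the cookie-theft impact: HttpOnly keeps the session
    id out of document.cookie even if some script does get injected."""
    return f"Set-Cookie: session={session_id}; HttpOnly; Secure; SameSite=Lax; Path=/"
```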
For those seeking an Indian alternative to Twitter, Koo, which debuted in November 2019, claims to have 6 million active users. The Bengaluru-based company has also become a popular social media platform in Nigeria after the country permanently banned Twitter over a dispute involving the deletion of a tweet published by Nigerian President Muhammadu Buhari.