A cross-site scripting worm pummeled social news service Reddit with malicious comments, reports internetnews.com. The worm originated from the account of a user going by the name "xssfinder." Reddit has closed xssfinder's account and is in the process of deleting the massive number of comments.
Reddit isn't the only social media site hit by xss attacks. Facebook and Twitter have had their fair share, which makes some enterprise IT managers leery of welcoming social media applications behind the firewall.