Discovered by: pdp, int3l, |)ruid
The MySpace worm used a combination of a QuickTime cross-domain scripting vulnerability discovered in September 2006 by pdp and a MySpace CSS navigation replacement bug found by int3l and |)ruid. The worm was simple, but the number of affected users was very high.