YouTube, the popular video sharing Web site, was targeted by hackers, which may have put users at risk for visiting compromised Web pages.

The attack, which exploited a cross-site scripting, or XSS, vulnerability, affected sections in the Web site where users post comments. An XSS attack is one in which a hacker might craft a false web address that sends the user to the correct page (in this case YouTube) but runs malicious code in the background, unbeknownst to the person visiting the site. Users might also be sent to another site entirely.

The company, a subsidiary of Google, reassured users that Youtube cookies couldn't be used to access Google accounts. Nonetheless, YouTube users are advised to log out of their account and log back in again.

The attackers particularly targeted singer Justin Bieber, incorporating code into YouTube pages devoted to the singer. As a result, users were greeted with vulgar messages about Bieber, and were also redirected to external sites that contained adult content.

In spite the fact that the attack itself didn't involve malware infections, users may be at risk when they visit any Web page, especially the ones attackers redirected users to. It is not known if the destination pages contained malware, but most anti-virus software can handle such threats.

YouTube is the most popular video sharing site in the US. In May, 14.6 billion video clips were viewed at Google sites, mostly at YouTube. The figure is about 43 percent of all viewed clips online for that month.