A new vulnerability has been identified in Skype application for iOS that might lead to data theft from your device. The cross site scripting vulnerability or XSS as it is called allows any attacker to attack the host computer with just one single malicious code sent using the Skype chat version 3.01 and earlier versions, as discovered by AppSec Consulting security researcher Phil Purviance. 
The vulnerability allows attackers to execute malicious JavaScript code that runs when a victim views a chat message, enabling theft of information, including a user’s address book. In simpler words just by sending one chat message an attacker can get access to confidential data on your iOS based device.
While Skype is aware of the situation and they are also working out to counter this threat as soon as possible. In a statement, given to Tech Crunch, Skype said, “We are working hard to fix this reported issue in our next planned release which we hope to roll out imminently. In the meantime we always recommend people exercise caution in only accepting friend requests from people they know and practice common sense internet security as always.”
It is clear that Skype is working on finding a fix for this problem but until the update is released the best users can do is wish that no one gets cracking with this malicious code in order to get access to data.
Click here to watch video.