Google Inc. has fixed a flaw in the YouTube code that allowed hackers to redirect users of the popular video-sharing site to adult websites and launch fake pop-up messages.

The search engine giant fixed YouTube's cross-site scripting (XSS) vulnerability two hours after hackers placed codes in the comments section on Sunday to report that Canadian singer Justin Bieber had died in a car accident.

The hackers put codes in YouTube pages devoted to Bieber and fans who clicked on the section were bombarded with pop-up messages ridiculing the teen star and redirecting users to other sites with adult content.

A Google spokesman also said the XSS vulnerability in YouTube is still being studied with the aim of coming up with a stronger protection against hackers, who simply used JavaScript and HTML codes in the attack.

The hacking was initially thought as a virus infection.

YouTube has a huge user traffic. ComScore reported that in May, some 14.6 billion video clips in Google were watched in the U.S. alone. The video clips were mostly from YouTube.