Critical XSS bugs found today on Symantec.com, now fixed
Written by DP
Thursday, 16 April 2009
According to methodman, the search feature for Symantec Connect page was vulnerable to XSS.
Malicious people could exploit these XSS vulnerabilities to infect millions of Symantec users and site visitors with malware, adware and spyware.
For more information and screenshots, read the original news:
By Wed, April 15, 2009 7:39 pm, the bugs were still working.
Symantec was alerted about the issue and fixed the flaws in record time. =)
Symantec has been XSSed in the past.