Critical XSS bugs found today on Symantec.com, now fixed

Wednesday, 15 April 2009

According to methodman, the search feature for Symantec Connect page was vulnerable to XSS.
Malicious people could exploit these XSS vulnerabilities to infect millions of Symantec users and site visitors with malware, adware and spyware.

For more information and screenshots, read the original news:

http://nemesis.te-home.net/News/20090415_Symantec_Website_Open_to_XSS_Vulnerability.html

By Wed, April 15, 2009 7:39 pm, the bugs were still working.
Symantec was alerted about the issue and fixed the flaws in record time. =)

Symantec has been XSSed in the past.