Critical XSS bugs found today on, now fixed

Written by DP

Thursday, 16 April 2009

According to methodman, the search feature for Symantec Connect page was vulnerable to XSS.
Malicious people could exploit these XSS vulnerabilities to infect millions of Symantec users and site visitors with malware, adware and spyware.

For more information and screenshots, read the original news:

By Wed, April 15, 2009 7:39 pm, the bugs were still working.
Symantec was alerted about the issue and fixed the flaws in record time. =)

Symantec has been XSSed in the past.


Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.