Five Sun.com XSS flaws in the SSL user login page
Written by DP
Thursday, 23 April 2009
Xylitol reported five critical cross-site scripting vulnerabilities affecting Sun Microsystems website.
Despite the use of SSL in the user login page, malicious users can exploit these flaws to conduct phishing attacks and infect Sun's customers and site visitors with malware, adware and spyware.
Sun.com XSS Mirrors:
suned.sun.com XSS -> Using SSL
portal.sun.com XSS -> Using SSL
Sun Microsystems has been XSSed in the past.