Five XSS flaws in the SSL user login page

Written by DP

Thursday, 23 April 2009

Xylitol reported five critical cross-site scripting vulnerabilities affecting Sun Microsystems website.

Despite the use of SSL in the user login page, malicious users can exploit these flaws to conduct phishing attacks and infect Sun's customers and site visitors with malware, adware and spyware. XSS Mirrors: XSS XSS -> Using SSL XSS -> Using SSL XSS Redirect

Sun Microsystems has been XSSed in the past.

Home | News | Articles | Advisories | Submit | Alerts | Links | What is XSS | About | Contact | Some Rights Reserved.