Tuesday, April 13, 2010

Symantec XSS Defacement


After the discovery of that XSS on McAfee website let's go to see now the same bug on Symantec.

Vulnerable site : edm.symantec.com and phoenix.symantec.com



XSS POC phoenix.symantec.com - edm.symantec.com Redirect open also!

Symantec staff has been alerted about the issue.

Bug fixed! so my poc don't work anymore.