Sunday, April 18, 2010

Trend Micro XSS Defacement


Same here,vulnerability like cross site-scripting (xss),html injection and redirect.

Vulnerable sites: esupport.trendmicro.com , internetsafety.trendmicro.com and whatsyourstory.trendmicro.com

I wonder why sites such as McAfee, Symantec, Kaspersky and TrendMicro can be exploited and used by malicious people for phishing and scam.They talk about safety but where is this safety?

See esupport.trendmicro.com POC








See whatsyourstory.trendmicro.com POC








internetsafety.trendmicro.com is a wordpress blog and is vulnerable on search module.

See also Mcafee XSS Defacement and Symantec

No comments: