Sunday, April 18, 2010
Trend Micro XSS Defacement
Same here,vulnerability like cross site-scripting (xss),html injection and redirect.
Vulnerable sites: esupport.trendmicro.com , internetsafety.trendmicro.com and whatsyourstory.trendmicro.com
I wonder why sites such as McAfee, Symantec, Kaspersky and TrendMicro can be exploited and used by malicious people for phishing and scam.They talk about safety but where is this safety?
See esupport.trendmicro.com POC
See whatsyourstory.trendmicro.com POC
internetsafety.trendmicro.com is a wordpress blog and is vulnerable on search module.
See also Mcafee XSS Defacement and Symantec