05-31-2012, 04:32 PM #1
- Join Date
- Jun 2011
- Thanked 9 Times in 3 Posts
XSS vulnerabilities in Symantec websites
A couple of weeks ago, while doing some research for a paper I have been working on, I found two XSS vulnerabilities with the Symantec Learning Management System (symlms.symantec.com) and Enterprise Support Login Page (seer.entsupport.symantec.com).
On an average, it is easy to find XSS vulnerabilities on the Internet, but finding an XSS issue on a website that is owned and administered by a security services company is quite something. I reported both the vulnerabilities as soon as I discovered them and the security team at Symantec were quite appreciative and welcoming with my disclosures.
More details on my blog: A Programmer's Rhapsody: XSS vulnerabilities in Symantec websites