Reflected XSS Vulnerability in Adobe website

Reported by Sabari Selvan on Thursday, January 17, 2013 |

Sponsored Links

A Security Researcher Ankit Bharathan (aka lonely-hacker) has discovered a Non-persistent Cross site scripting vulnerability in Adobe website.

The vulnerability resides in one of the adobe sub domain "dbln-speedtest.adobe.com"

The POC for the vulnerability:

http://dbln-speedtest.adobe.com/index.php?lang="><SCRIPT>alert("E Hacking News")</SCRIPT>

The Researcher claim to have discovered a path disclosure vulnerability in the same link and have 90+ open directory in Adobe.

Ankit notified Adobe about the vulnerability but they failed to respond for his mail.

Vulnerabilities in Adobe

Follow @EHackerNews

Category: Adobe Hacks / Information Security News / Reflected xss vulnerability / Vulnerability / XSS Vulnerability

Share This Article on Twitter/Facebook/Blog/Forum or Anywhere:

Reflected XSS Vulnerability in Adobe website  ~ eHackingNews:
http://www.ehackingnews.com/2013/01/reflected-xss-vulnerability-in-adobe.html

About Author

Sabari Selvan is a Security Researcher, founder of E Hacking News who has more interest in Web application PenTesting and Malware analysis. You can find him on Google+ , Twitter and Facebook.

Home

Reflected XSS Vulnerability in Adobe website

About Author

Become a Fan

Funded by

Cyber Security and Privacy Foundation:

Get Latest news at Your Email