Adobe Experience suffers from a reflected cross site scripting vulnerability. The author contacted Adobe back in August but the issue is still not resolved so they are releasing details in hopes that Adobe will address the issue. Note that this finding houses site-specific data. Update on 01/21/2013: Adobe PSIRT has resolved the issue and the author has confirmed that this was indeed fixed.
b7ad16292219d69d31c0817f287d4e50149c4bdbd887e0e0e7282fad6aa95478Various Penske Media Corporation sites such as variety.com, la411.com, newyork411.com, and deadline.com all suffer from reflective cross site scripting vulnerabilities. Note that this finding houses site-specific data. Editor's note 01/04/2013: Per the advisory author, the issues have been resolved in all sites listed and Penske Media have addressed the issue.
0ee5e0affef62932ece9368ee73e2ab61594aecfc2a0ad7e7fc6c30c8d846b00Rollingstone.com suffers from a cross site scripting vulnerability. As of 12/23/2012, the author noted to Packet Storm that Rolling Stone has addressed the issue.
ccc58a651ef83f70fa9a186c7a2e6ef83c0652b758b8f4e789afe50c63a45c66The mobile.chicagotribune.com site suffers from a cross site scripting vulnerability. Editor's note 01/04/2013: Per the advisory author, Chicago Tribune has addressed this vulnerability.
cb5868295d95e6e2adccde2d047576233388b74c94df149c189b172e92430175
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed