We got Adobe XSSed

We got Adobe XSSed

Published on Author char49labsLeave a comment

When our security team leader started his path on HackerOne he started with Adobe bug bounty program. David already was present on their Security Acknowledgements list (2013) but he wanted to get a big company on his HackerOne profile so after a while he found a Reflected XSS (CWE-79) on their website.

You may notice that Adobe policy to fix this issue was pretty quick but to reply for a full disclosure of the report was a little harder.

Hope in the future they work their PR a little more.

Leave a Reply

Your email address will not be published. Required fields are marked *