We got Adobe XSSed

We got Adobe XSSed

Published on Author char49labsLeave a comment

When our security team leader started his path on HackerOne he started with Adobe bug bounty program. David already was present on their Security Acknowledgements list (2013) but he wanted to get a big company on his HackerOne profile so after a while he found a Reflected XSS (CWE-79) on their website.

You may notice that Adobe policy to fix this issue was pretty quick but to reply for a full disclosure of the report was a little harder.

Hope in the future they work their PR a little more.

Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *