Full Disclosure – XSS Issue on Nitro Security Site.

Posted by admin on Aug 12, 2010 in Full Disclosure, Month of Full Disclosure, WebAppSec, XSS |
Nitro Security XSS

Nitro Security XSS

Again we come with another (XSS) Cross Site Scripting Bugs on another Security Site.

This time it is on the site of Nitro Security

Now what I find a little bit strange is that Nitro Security states that it has created and sells 3 products which can detect Cross Site Scripting issues on websites.

The issue on there site has been there for a while and one would have thoguht that the company would have run its own tools against its won site to make sure that all is secure.

Unlike other security sites such as Tennable / Nessus etc on Nitro there is no attempt made to protect the site from user created data injections.

And with that I give you Nitro Security XSS Issue.

Nitro Security XSS

Nitro Security XSS

Reply

Copyright © 2012 The Test Manager Blog All rights reserved. Theme by Laptop Geek.