Tuesday, June 26, 2012

The Consumer Link .COM Sharpie Store - Mcafee Secure Scan

HmMmM, I don't quite get it. This is the first company that has not contacted me after I informed them of a security vulnerability in their website.

It bears the "McAfee Secure" logo as well...PCI compliant? Not so sure...

http://www.mcafeesecure.com/us/

After various reported and rectified incidents in company websites and commercial software, I have concluded that reflective XSS really is everywhere...


UPDATE (Meant to post this on the 28th...)
18 days after reporting the issue I was never contacted, no attempt at resolving the vulnerability and the website is still vulnerable. If PCI compliance is this easy to achieve and means being vulnerable to attack then were all in deep end.



No comments:

Post a Comment