Verisign, McAfee and Symantec sites can be used for phishing due to XSS

June 9, 2008 – 9:38 AM

Should they all be trusted at first sight by unsuspecting online users? Yes, unfortunately this is the case with the websites of renowned and respected IT security companies. However, now that are all vulnerable to cross-site scripting, the possibilities to get phished and infected with malware and crimeware are dramatically increased.