Adobe Official Site Contains Non-Persistent XSS vulnerabilities

Whether it is a smartphone or tablet app, a game, a video, a digital magazine, a website, or an online experience, chances are that it was touched by Adobe technology.

Security researchers Aditya Gupta and Ucha Gobejishvili ,from vulnerability Lab , discovered a non-persistent XSS vulnerability in the official website of Adobe.

The vulnerability allows an remote attacker to hijack customer sessions, client side context manipulation and client side phishing.

Login, the Groups Adobe – Search, and the nocophoto Groups Adobe - Search Author modules are found to be vulnerable to XSS attack. Researchers notified about the vulnerability to the vendor.