This is not the first time that McAfee's website was found to be lacking security. In 2008, websites from McAfee, Symantec and VeriSign were all found to have cross-site scripting (XSS) errors, according to security watchdog at the time XSSed.
Additionally, in 2009, white-hat hacker Methodman, a member of the Team Elite, published proof-of-concept attacks against websites kc.mcafee.com and mcafeerebates.com. In April 2010, the McAfee.com community forums were defaced via an XC scripting attack.
McAfee told Network World that it is investigating the Full Disclosure vulnerabilities report.
Bort writes the Microsoft Update, Source Seeker and Cisco Odds and Ends blogs for Network World's Microsoft Subnet, Open Source Subnet and Cisco Subnet communities. Follow Bort on Twitter @Julie188.
Read more about wide area network in Network World's Wide Area Network section.
