| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jun 2014 10:44:00 +0200 From: "Roberto Garcia Amoriz" <roberto.garcia@...aramo.com> To: <fulldisclosure@...lists.org> Subject: [FD] XSS on Dell Site **************************************************************************** *************************************** Advisory: support.software.dell.com Cross-Site Script Vulnerability (XSS) Advisory ID: 14062014 Author: Roberto Garcia (@1gbDeInfo) Affected Software: Successfully tested on support.software.dell.com Vendor URL: https://support.software.dell.com Vendor Status: informed and solved, but nobody told me despite entering the bug bounty **************************************************************************** *************************************** ************************** Vulnerability Description ************************** The website " support.software.dell.com " is prone to a XSS vulnerability. This vulnerability involves the ability to inject arbitrary and unauthorized javascript code. A malicious script inserted into a page in this manner can hijack the users session, submit unauthorized transactions as the user, steal confidential information, or simply deface the page. ************************** PoC-Exploit ************************** https://support.software.dell.com /search?k= akil3s';alert(1);' https://support.software.dell.com /search?k= akil3s';alert(document.cookie);' PoC video is available at https://mega.co.nz/#F!r853FKxQ!TWBpEqWwoYwwpL6hhOuNEQ ************************** Solution ************************** Solved, but have not notified me anything ************************** Disclosure Timeline ************************** - Report vuln Jun 14, 2014 via email to security@...ureworks.com (bug bounty at http://www.secureworks.co.uk/contact/disclosure/). I sent a video with the POC. - Website revised June 18. Solved, but nobody tells me despite entering the bug bounty ************************** Credits ************************** Vulnerability found and advisory written by Roberto Garcia Best regards. Roberto Garcia Amoriz Linkedin: es.linkedin.com/in/rogaramo/ Web: http://www.1gbdeinformacion.com Twitter: @1gbdeinfo _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists