Posts

Password Reset Vulnerability in etsy.com

Image
Title :  Password Reset Vulnerability in etsy.com Vuln URL :  https://www.etsy.com/confirm.php?email= Author : Yogesh D Jaygadkar Reported : December 30, 2012 Fixed : December 30, 2012 Public Released :  Jan 08, 2013   Description : In etsy.com, when users reset their password, they receives password reset link which is as below. https://www.etsy.com/confirm.php?email=[User Email ID]&code=[Token code]&action=reset_password&utm_source=account&utm_medium=trans_email&utm_campaign=forgot_password_1 When I received this mail, I started playing with this link. I noticed that token is not getting validated from server side. So I removed it & tested with my own id.  Final POC : https://www.etsy.com/confirm.php?email=[victim user's email ID]&action=reset_password&utm_source=account&utm_medium=trans_email&utm_campaign=forgot_password_1 And Password changed successfully.   Finally I

HTML Injection in Symantec.com

Image
Title : HTML Injection in Symantec.com Vuln URL :  http://www.symantec.com/business/support/index?page=content&id= Author : Yogesh D Jaygadkar Reported : July 02, 2012 Fixed : July 03, 2013 Public Released :  July 03, 2013 OS : Win7, Win XP, Ubuntu Description: HTML injection is a type of attack focused upon the way HTML content is generated and interpreted by browsers at client side. so if an attacker embeds html/script tags such <html>, <SCRIPT> , <OBJECT> , <APPLET> , or <EMBED> into a web site, the web browser's JavaScript engine will execute it. While searching about some anti-virus related information i found that  Symantec Antivirus  official website is vulnerable to HTML Injection. Attacker can add  HTML Tags  into URL to execute html code on website. Screenshot 1 : Screenshot 2 :

Listed in Microsoft's Security Researcher Page

Image
finally I'm listed in  Security Researcher Acknowledgments for Microsoft Online Services Thanks to Microsoft & specially Nate from Microsoft for quick response.Thanks to all my friends.

MSN.com Vulnerable to XSS - Cross Site Scripting

Image
Title: MSN.com Vulnerable to XSS - Cross Site Scripting Script Link: http://investing.money.msn.com/investments/equity-historical-price/?PT=7&D4=1&DD=1&D5=0&DCS=2&MA0=0&MA1=0&CF=0 &>">/* Script Here */=1 &SZ=0&symbol=Asp& Author: Yogesh Jaygadkar  Reported: Tuesday, May 01, 2012  Vulnerability Fix date : 22 May 2012  Public Release: 22 May 2012  Browser : FireFox , IE OS : Win7 , Ubuntu Description:  XSS - Cross Site Scripting Vulnerability found in MSN.com .Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere. An attacker can use XSS to send a malicious script to an u