StumbleUpon XSS Vulnerability
Update: StumbleUpon has fixed the XSS vulnerability. You can read more about it in my blog post "StumbleUpon Fixes The XSS".
Recently I wrote a post on "Detecting Cross Site Scripting Attacks XSS With Fiddler". In that post I explained how Fiddler can help detect persistent and non-persistent cross-site scripting vulnerabilities in a web application: it flags every request parameter whose value is reflected in the response, so it generates many false positives, but it is still a very useful tool.
A few days ago, while I was hunting for vulnerabilities in stumbleupon.com (for those who don't know, StumbleUpon is one of the world's largest social bookmarking websites, with an Alexa rank of 149), Fiddler helped me find a non-persistent XSS vulnerability in StumbleUpon. Here is the screenshot that demonstrates the proof of concept:
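The Fiddler approach described above comes down to a reflection check: for each request parameter, look for its value in the response and decide how it came back. The script below is an added example written for this page; it is not code from the original post and not Fiddler's own script. The probe string, the URL and the three sample response bodies are constructed for the demonstration. It also shows where the false positives come from: a value with no HTML metacharacters that is echoed back tells you nothing, and a value that comes back entity-encoded is the safe case, so only a verbatim reflection of the metacharacters is worth a manual look.

```python
"""Reflected (non-persistent) XSS reflection check.

Added example, not from the original post or from Fiddler. Mirrors the
idea of the Fiddler script: for every query parameter, find the value in
the response body and classify how it was reflected.
"""
import html
import re
from urllib.parse import parse_qsl, quote, urlsplit

# Hypothetical probe a scanner submits: carries every character that must be
# entity-encoded before it is safe inside HTML output.
PROBE = 'xssprobe<">\''

# Characters whose verbatim reflection makes a parameter an XSS candidate.
META = re.compile(r'[<>"\']')


def classify_reflection(value: str, body: str) -> str:
    """Classify how `value` is reflected in `body`.

    'none'     - not reflected at all
    'benign'   - reflected, but the value has no metacharacters, so the
                 reflection proves nothing (typical scanner false positive)
    'raw'      - metacharacters reflected verbatim: real XSS candidate
    'encoded'  - metacharacters came back entity-encoded: safe output
    'filtered' - metacharacters stripped before reflection: blocked
    """
    if not META.search(value):
        return "benign" if value in body else "none"
    if value in body:
        return "raw"
    # Frameworks differ on whether quotes are encoded; accept either form.
    if html.escape(value, quote=True) in body or html.escape(value, quote=False) in body:
        return "encoded"
    if META.sub("", value) in body:
        return "filtered"
    return "none"


def check_response(url: str, body: str) -> dict:
    """Map each query parameter of `url` to its reflection class in `body`."""
    params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return {name: classify_reflection(value, body) for name, value in params}


def candidates(url: str, body: str) -> list:
    """Parameter names whose metacharacters were reflected verbatim."""
    return sorted(name for name, cls in check_response(url, body).items() if cls == "raw")


# Constructed sample request and responses (no real site involved).
SAMPLE_URL = "https://example.invalid/search?q=" + quote(PROBE, safe="") + "&page=2"
VULNERABLE_BODY = '<p>Results for xssprobe<">\' (page 2 of 9)</p>'
SAFE_BODY = '<p>Results for xssprobe&lt;&quot;&gt;&#x27; (page 2 of 9)</p>'
FILTERED_BODY = '<p>Results for xssprobe (page 2 of 9)</p>'

if __name__ == "__main__":
    for label, body in (("vulnerable", VULNERABLE_BODY),
                        ("safe", SAFE_BODY),
                        ("filtered", FILTERED_BODY)):
        print(label, check_response(SAMPLE_URL, body), "candidates:", candidates(SAMPLE_URL, body))
```

A "raw" result still needs manual confirmation: the reflection has to land in a context (HTML body, attribute value, script block) where the reflected characters actually break out of the surrounding markup. For the persistent variant, the probe must be searched for in later responses and other pages, not only in the response to the request that submitted it.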
The vulnerability has been reported to StumbleUpon, but I haven't had a reply from them yet. For security reasons I cannot disclose the URL and parameters for the injection. I hope StumbleUpon fixes the vulnerability soon.
What harm can you do with this to StumbleUpon?
* Social engineering attacks: can redirect to malicious sites
* Hijack accounts
Can you disclose that link after it gets patched?
@Visual
Sure, I will.