MoTB #29: Reflected XSS in chart.ly
What is chart.ly
"Share stock charts on Twitter" (chart.ly home page)
Twitter effect
chart.ly can be used to send tweets and follow other twitter users.
chart.ly is using OAuth authentication method in order to utilize the Twitter API.
Popularity rate
A not so popular alternative to StockTwits - 1 twit
Vulnerability: Reflected Cross-Site in the Search page.
Status: Unpatched.
Details: The chart.ly search page does not encode HTML entities in the "q" variable, which can allow the injection of scripts.
This vulnerability can used by an attacker to send tweets on behalf of its victims.
Proof-of-Concept: http://chart.ly/search?q=%3Cscript%3Ealert(%22xss%22)%3C/script%3E
Vendor response rate
The vendor did not respond to any of the emails I sent during the past week - 0 twits.
"Share stock charts on Twitter" (chart.ly home page)
Twitter effect
chart.ly can be used to send tweets and follow other twitter users.
chart.ly is using OAuth authentication method in order to utilize the Twitter API.
Popularity rate
A not so popular alternative to StockTwits - 1 twit
Vulnerability: Reflected Cross-Site in the Search page.
Status: Unpatched.
Details: The chart.ly search page does not encode HTML entities in the "q" variable, which can allow the injection of scripts.
This vulnerability can used by an attacker to send tweets on behalf of its victims.
Proof-of-Concept: http://chart.ly/search?q=%3Cscript%3Ealert(%22xss%22)%3C/script%3E
Vendor response rate
The vendor did not respond to any of the emails I sent during the past week - 0 twits.
0 Comments:
Post a Comment
<< Home