Wednesday, March 13, 2013
0
-->
The Youngest Security Researcher " Ali Hasan Ghauri " also found XSS Vulnerabilities on OLX , EBAY , BrainTree Payments , GitLab & many more.
Ebay POC Screen Shot:
Ebay Acknowledged his name in Responsible Disclosure Acknowledgements Page.
GitLab also Acknowledged his name in Vulnerability Acknowledgement Disclosure.
According to Security Researcher, BrainTree Payments sent him a Cool T-shirt for finding bugs.
Follow @TheHackersPost
Amazon vulnerable to XSS flaw found by Security Researcher
Ali Hasan Ghauri - 14 Years old , The Youngest Security Researcher found XSS vulnerability on Amazon (www.amazon.com) main site. Vulnerability is fixed by Amazon Security Team.
The Security researcher told The Hackers Post that he reported XSS flaw to Amazon security team. He got immediate response with appreciation and vulnerablity fixed by them.
[#] - Website:
http://www.amazon.com/
[#] - Vulnerable link (POC):
XSS (Cross Site Scripting)
[#] - Status:
Fixed [Critical]
[#] - Tested on:
Firefox 19.0.1
The Security researcher told The Hackers Post that he reported XSS flaw to Amazon security team. He got immediate response with appreciation and vulnerablity fixed by them.
Amazon Secuity Team immediately patched the XSS flaw which was reported by me. They didnot offer any reward to me because they dont have bug bounty program.
[#] - Website:
http://www.amazon.com/
[#] - Vulnerable link (POC):
http://www.amazon.com/Thomas-Calculus-Multivariable-12th-George/dp/0321643690/%22ns=%22alert%280x000308%27%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert%28%22XSS%20By%20Ghauri%22%29%3C/script%3E[#] - Vulnerability Type:
XSS (Cross Site Scripting)
[#] - Status:
Fixed [Critical]
[#] - Tested on:
Firefox 19.0.1
The Youngest Security Researcher " Ali Hasan Ghauri " also found XSS Vulnerabilities on OLX , EBAY , BrainTree Payments , GitLab & many more.
Ebay POC Screen Shot:
Ebay Acknowledged his name in Responsible Disclosure Acknowledgements Page.
GitLab also Acknowledged his name in Vulnerability Acknowledgement Disclosure.
According to Security Researcher, BrainTree Payments sent him a Cool T-shirt for finding bugs.
Categories : Ali Hasan Ghauri , Amazon , Amazon Vulnerable to XSS , Vulnerability , XSS
About Author:
Nauman Ashraf is a security researcher, developer and blogger. He is Founder and Chief Editor of The Hackers Post. Follow him on
Twitter
Subscribe to:
Post Comments
(
Atom
)
0 Responses to “ Amazon vulnerable to XSS flaw found by Security Researcher ”
Post a Comment