I offers security consulting services within the space of Penetration Testing , Ethical Hacking , Vulnerability Assessments and Security Code and Configuration Reviews ~

TeslaMotor Cross Site Scripting Vulnerability

I found some XSS issue in suppliers.teslamotors.com domain.


Steps To Reproduce:
Note: For Intercepting the Request. I used Firefox Add-on Tamper Data.

1-  Visit: https://suppliers.teslamotors.com/supplier/

2- ​Type username and password in the given fields.

3- Before Click on Login Button, Run TAMPER DATA and start to Tamper.

4- Back to Page, Click on check box "Remember me"

5- Click on Login button. Your request is now tampered by tamper data. replace parameter 'remember-me' value "1" with your {XSS payload}.

6- Click on "OK" Button.

7- XSS Pop Up !!!


Snap Shot:

TeslaMotor Cross Site Scripting Vulnerability


Video PoC:




READ FULL POST

SquareUp Open Redirection

During Password resetting, I observe something, that Password token link is redirected first through subscriptions link. where 'r' is the parameter and value can be any website.
Steps To Reproduce:
1- After Password Reset email, Copy Link Address.


2- Address URI look like this: 
https://squareup.com/subscriptions/r?d=VHZ0CwTM5CMAwfX4&e=/html/body/table/tr/td/table[1]/tr[2]/td/table/tr[2]/td/table/tr[2]/td[2]/table/tr[5]/td/div/a&n=emailClick&r=https://squareup.com/password/reset/Token

Video PoC: 



READ FULL POST