XSS Vulnerability in Amazon website ,found by Fabian Cuchietti

Sponsored Links
Security Researcher, Fabian Cuchietti discovered XSS vulnerability in the Amazon Web Services(aws.amazon.com).

POC:
https://aws.amazon.com/amis?ami_provider_id=4&architecture='%22--%3E%3C/style%3E%3C/script%3E%3Cscri
pt%3Ealert(0x015E00)%3C/script%3E&selection=ami_provider_id%2Barchitecture

It seems that the vulnerability has been fixed by vendor, the admin managed to filter html codes by converting to html special characters. Anyway we are able to retrieve the mirror of the vulnerability from XSSed.com. 

Mirror is available here:
http://www.xssed.com/mirror/77551/

Screenshot of the vulnerability
Category: / / /

Share this with Your friends: