Security Researcher, Rafay Baloch, the founder of Rafay Hacking Articles, has discovered a Cross Site scripting (XSS) Vulnerability in ShareCash website(sharecash.org). ShareCash is the highest paying Pay-Per-Download network around.
The vulnerability affects the "Manage Widget" page of ShareCash. The XSS vulnerability found to be stored one.
Stored XSS is critical one since the script is being stored on the server and is being executed every time user visits the affected page.
In an Email Sent to EHN, Researcher provided the screenshot of the Proof-of-concept. From the POC, I come to know that the "Widget Name" is vulnerable to xss attack. It seems like the developer fails to validate the input.
Rafay claimed that he sent more than 10 emails to share cash to notify them about the vulnerability, but they failed to respond.
The vulnerability affects the "Manage Widget" page of ShareCash. The XSS vulnerability found to be stored one.
 |
| Stored XSS Vulnerability |
Stored XSS is critical one since the script is being stored on the server and is being executed every time user visits the affected page.
In an Email Sent to EHN, Researcher provided the screenshot of the Proof-of-concept. From the POC, I come to know that the "Widget Name" is vulnerable to xss attack. It seems like the developer fails to validate the input.
Rafay claimed that he sent more than 10 emails to share cash to notify them about the vulnerability, but they failed to respond.
Recently we reported that the reason behind the Tumblr reblog attack is Stored cross Site scripting(XSS) vulnerability. The vulnerability was discovered by a security researcher Janne Ahlberg. Janne says the vulnerability is not yet fixed.
According to his research, It is possible to embed JavaScript and some other HTML tags to certain Tumblr post types (e.g. video post).
The vulnerability can be used for launching phishing attacks. For instance,it would be quite easy to ask input from user in various ways. User input could be stored to attackers server. Attacker could push malicious files from his/her server to Tumblr users.
"Attacker could create several Tumblr accounts and start blogging viral or popular videos using well chosen tags. Trust and popularity could be increased by using other accounts for reblogging video posts."Researcher described one possible attack scenario.
"Once the 'attack blog' would have enough followers, attacker could create a malicious post again with carefully selected tags. If the followers would reblog a malicious post, the spreading of payload would start."
The day after Tumblr was hit by a "worm" that left many Tumblr websites defaced with an identical message by Internet troll group GNAA, a security researcher has confirmed there is Stored Cross site scripting vulnerability in Tumblr that allowed attackers to hack Tumblr.
According to Naked Security report, the worm appears to took advantage of Tumblr's reblogging feature, meaning that anyone who was logged into Tumblr would automatically reblog the infectious post if they visited one of the offending pages.
If you were not logged into Tumblr when your browser visited the url, it would simply redirect you to the standard login page.
According to some news report, the hackers behind the attack has warned Tumblr weeks ago about a vulnerability. But there is no response from Tumblr.
 |
| Janne Ahlberg confirmed XSS vulnerability |
"I created a temporary Tumblr account using different browser, submitted a public post with stored XSS payload and visited the profile from another PC & different account. The vulnerability seems to be valid." Security researcher Janne Ahlberg confirmed the xss flaw in his blog post.
"A new Tumblr worm could still be possible. See analysis by @JanneFI: http://janne.is/testing-tumblr-worm-root-cause/ … Good example on how XSS vulns are not harmless." Mikko Hyppönen, CRO at F-Secure tweet reads.
*Update* Tumblr is still vulnerable to stored-XSS Read the updated post here
