'[Full-disclosure] XSS in images.samsung.com'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] XSS in images.samsung.com
From:       David Tapia <tapiadavid44 () gmail ! com>
Date:       2013-05-30 23:06:09
Message-ID: CAN0efWuDPe1HZvfm8++nZb_C8=5xzoUicss_=vD_sFpKcb_PJw () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi all!

Mi name is David Tapia. I would like to disclose an XSS vulnerability in
images.samsung.com. I tried to warn them two months ago using their bug
bounty program, but they answered me saying that it is only available for
their Smart TVs . I totally agree with them but they could have fixed it
since this happened almost 3 months ago.

The same vulnerability could be exploited in a domain of Adobe Scene 7, but
they already have fixed it (without giving me any Security Acknowledgment).

Here is the proof of concept:

http://images.samsung.com/s7ondemand/brochure/flash_brochure.jsp?company=samsung&sku=&config=233%22;alert%28'XSS'%29;//&zoomwidth
 =

Best Regards,

David Tapia


[Attachment #5 (text/html)]

<div dir="ltr">

<p class="">Hi all!</p>

<p class="">Mi name is David Tapia. I would like to disclose
an XSS vulnerability in <a href="http://images.samsung.com">images.samsung.com</a>. I tried to \
warn them two months ago using their bug bounty program, but they answered me saying that it is \
only available for their Smart TVs . I totally agree with them but they could have fixed it \
since this happened almost 3 months ago. </p>

<p class="">The same vulnerability could be exploited in a domain of
Adobe Scene 7, but they already have fixed it (without giving me any Security \
Acknowledgment).</p>

<p class="">Here is the proof of concept:</p>

<p class=""><a href="http://images.samsung.com/s7ondemand/brochure/flash_brochure.jsp?company=sa \
msung&amp;sku=&amp;config=233%22;alert%28&#39;XSS&#39;%29;//&amp;zoomwidth">http://images.samsun \
g.com/s7ondemand/brochure/flash_brochure.jsp?company=samsung&amp;sku=&amp;config=233%22;alert%28&#39;XSS&#39;%29;//&amp;zoomwidth</a>=</p>



<p class="">Best Regards,</p>

<p class="">David Tapia<br></p>

</div>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic