darksecurity.de | Entries tagged as apple.com

Skip to content

Entries tagged as apple.com

[Video] - SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, June 11. 2013

Here is a video for my advisory "SSCHADV2013-009 – store.apple.com – DOM based Cross-site Scripting vulnerability"

And here is a link to the video on youtube: http://youtu.be/qlTZD3ri_wU

Enjoy yourself!

SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, June 4. 2013

Advisory:	store.apple.com – DOM based Cross-site Scripting vulnerability
Advisory ID:	SSCHADV2013-009
Author:	Stefan Schurtz
Affected Software:	Successfully tested on store.apple.com
Vendor URL:	http://www.apple.com
Vendor Status:	fixed

======================
Vulnerability Description
======================

The website ‘store.apple.com’ is prone to a DOM based XSS vulnerability

Continue reading "SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Testa 3.5.1 Online Test Management System - Reflected Cross-Site Scripting (XSS)

Friday, September 23. 2022

[webapps] Aero CMS v0.0.1 - SQLi

Friday, September 23. 2022

[webapps] Wordpress Plugin 3dady real-time web stats 1.0 - Stored Cross Site Scripting (XSS)

Friday, September 23. 2022

[webapps] Wordpress Plugin WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS)

Friday, September 23. 2022

[remote] Teleport v10.1.1 - Remote Code Execution (RCE)

Friday, September 23. 2022

OpenBSD Journal

OpenSSH 9.1 is almost ready for release. Please help testing!

Friday, September 30. 2022

A Few of My Favorite Things About The OpenBSD Packet Filter Tools

Tuesday, September 27. 2022

Game of Trees 0.76 released.

Monday, September 26. 2022

Running a Docker Host under OpenBSD using vmd(8)

Thursday, September 22. 2022

EuroBSDCon 2022

Sunday, September 18. 2022

OpenBGPD 7.6 released

Friday, September 16. 2022

A summary piece on spam fighting and spamd(8) in particular and 300,000 imaginary friends

Tuesday, September 13. 2022

-current has moved to 7.2

Monday, September 12. 2022

rpki-client 8.0 released

Monday, September 12. 2022

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement