darksecurity.de | Entries tagged as store.apple.com

Skip to content

Entries tagged as store.apple.com

[Video] - SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, June 11. 2013

Here is a video for my advisory "SSCHADV2013-009 – store.apple.com – DOM based Cross-site Scripting vulnerability"

And here is a link to the video on youtube: http://youtu.be/qlTZD3ri_wU

Enjoy yourself!

SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability

Posted by Stefan Schurtz on Tuesday, June 4. 2013

Advisory:	store.apple.com – DOM based Cross-site Scripting vulnerability
Advisory ID:	SSCHADV2013-009
Author:	Stefan Schurtz
Affected Software:	Successfully tested on store.apple.com
Vendor URL:	http://www.apple.com
Vendor Status:	fixed

======================
Vulnerability Description
======================

The website ‘store.apple.com’ is prone to a DOM based XSS vulnerability

Continue reading "SSCHADV2013-009 - store.apple.com - DOM based Cross-site Scripting vulnerability"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] File Manager Advanced Shortcode 2.3.2 - Unauthenticated Remote Code Execution (RCE)

Sunday, June 4. 2023

[webapps] MotoCMS Version 3.4.3 - SQL Injection

Sunday, June 4. 2023

[webapps] STARFACE 7.3.0.10 - Authentication with Password Hash Possible

Sunday, June 4. 2023

[webapps] Barebones CMS v2.0.2 - Stored Cross-Site Scripting (XSS) (Authenticated)

Sunday, June 4. 2023

[webapps] Enrollment System Project v1.0 - SQL Injection Authentication Bypass (SQLI)

Sunday, June 4. 2023

OpenBSD Journal

New versions of LibreSSL released

Sunday, May 28. 2023

cron(8) now supports random ranges with steps

Sunday, May 7. 2023

OpenBGPD 8.0 released

Friday, May 5. 2023

rpki-client 8.4 released

Wednesday, May 3. 2023

Game of Trees 0.88 released!

Sunday, April 30. 2023

VM owners can now override the boot kernel

Sunday, April 30. 2023

vmd(8) moves to a multi-process model

Sunday, April 30. 2023

viogpu(4), a VirtIO GPU driver, added to -current

Friday, April 21. 2023

Game of Trees 0.87 released

Friday, April 21. 2023

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement