Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home XSS Vulnerability in Amazon website ,found by Fabian Cuchietti
Fabián Cuchietti Vulnerability Web Application Vulnerability XSS Vulnerability

XSS Vulnerability in Amazon website ,found by Fabian Cuchietti

Thursday, April 12, 2012
Security Researcher, Fabian Cuchietti discovered XSS vulnerability in the Amazon Web Services(aws.amazon.com).

POC:
https://aws.amazon.com/amis?ami_provider_id=4&architecture='%22--%3E%3C/style%3E%3C/script%3E%3Cscri
pt%3Ealert(0x015E00)%3C/script%3E&selection=ami_provider_id%2Barchitecture

It seems that the vulnerability has been fixed by vendor, the admin managed to filter html codes by converting to html special characters. Anyway we are able to retrieve the mirror of the vulnerability from XSSed.com. 

Mirror is available here:
http://www.xssed.com/mirror/77551/

Screenshot of the vulnerability
Tags: Fabián Cuchietti Vulnerability Web Application Vulnerability XSS Vulnerability
Share it:

Fabián Cuchietti

Vulnerability

Web Application Vulnerability

XSS Vulnerability