03
Apr
2017

A subdomain of Mozilla.org has several XSS vulnerabilities and an HTTP Response Splitting vulnerability.

This article illustrates the exploitation of an HRS (HTTP Response Splitting) in order to elevate it in a reflected XSS through a concrete example: Mozilla. When searching for vulnerable (sub)-domains as part of a Bug Bounty program, the subdomain dictionary attack.

Read more
01
May
2016

The generic error page of the Red Hat customer portal suffers from a Cross-Site Scripting vulnerability to steal users credential in plaintext.

As part of my personal projects, as during my professional activity, it is not uncommon that I sign on RedHat sites to download resources (or find solutions to more or less twisted bugs.

Read more
04
Mar
2016

SSO authentication page of one of Fortigate IdP presents a Cross-Site Scripting vulnerability which can be used to steal user credentials in plaintext.

Companies and current majors turn increasingly to identity federation. A central and single repository containing users credentials (login / password) like LDAP, AD, etc., a single web application centralized authentication (commonly referred to IdP for.

Read more