ESPN espn.go.com Login & Register Page XSS (cross site scripting) Security VulnerabilityDomain:http://espn.go.com/"As of August 2013, ESPN is available to approximately 97,736,000 pay television households (85.58% of households with at least one television set) in the United States.[2] In addition to the flagship channel and its seven related channels in the United States, ESPN broadcasts in more than 200 countries,[3] operating regional channels in Australia, Brasil, Latin America and the United Kingdom, and owning a 20% interest in The Sports Network (TSN) as well as its five sister networks and NHL Network in Canada." (Wikipedia)Vulnerability description:Espn.go.com has a security problem. It is vulnerable to XSS attacks.Those vulnerabilities are very dangerous. Since they happen at ESPN's "login" & "register" pages, that are credible. Attackers can abuse those links to mislead ESPN's users. The success rate of attacks may be high.The vulnerability can be attacked without user login. Tests were performed on Firefox (33.0) in Ubuntu (14.04) and IE (8.0. 7601) in Windows 8.Vulnerable URLs:http://streak.espn.go.com/en/login?redirect=http%3A%2F%2Fstreak.espn.go.com%2Fen%2FcreateOrUpdateEntrylive%3Fgooglematchup%3Dm32620o35459http://games.espn.go.com/world-cup-bracket-predictor/2014/es/login?redirect=http%3A%2F%2Fgames.espn.go.com%2Fworld-cup-bracket-linkedin-predictor%2Fvk%2F2014%2Fes%2Fgame%3Famazon%3DcreatePOC:Poc Video:https://www.youtube.com/watch?v=gGEZO8wbTBU&feature=youtu.beBlog Detail:http://securityrelated.blogspot.sg/2014/12/espn-espngocom-login-register-page-xss.htmlReported by:Wang Jing, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore.http://www.tetraph.com/wangjing/
评论