Full Disclosure mailing list archives
Shopify (Bug Bounty) - XML External Entity Vulnerability
From: Mark Litchfield <mark () securatary com>
Date: Mon, 17 Feb 2014 00:11:38 -0800
Shopify suffered from an XXE attack within their online stores domain - *.myshopify.com
They were extremely quick in confirming and fixing the issue (even though it was a Sunday).
Full details with the usual screen shots can be found at http://www.securatary.com
-- All the best Mark Litchfield http://www.securatary.com Twitter - http://twitter.com/securatary _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Shopify (Bug Bounty) - XML External Entity Vulnerability Mark Litchfield (Feb 17)