WebApp Sec mailing list archives
Shopify (Bug Bounty) - XML External Entity Vulnerability
From: Mark Litchfield <mark () securatary com>
Date: Mon, 17 Feb 2014 00:10:53 -0800
Shopify suffered from an XXE attack within their online stores domain - *.myshopify.com
They were extremely quick in confirming and fixing the issue (even though it was a Sunday).
Full details with the usual screen shots can be found at http://www.securatary.com
-- All the best Mark Litchfield http://www.securatary.com Twitter - http://twitter.com/securatary This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE.Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
Current thread:
- Shopify (Bug Bounty) - XML External Entity Vulnerability Mark Litchfield (Feb 17)