Shopify (Bug Bounty) - XML External Entity Vulnerability

[Mark Litchfield <mark () securatary com>]

Shopify suffered from an XXE attack within their online stores domain - 
*.myshopify.com

They were extremely quick in confirming and fixing the issue (even 
though it was a Sunday).

Full details with the usual screen shots can be found at 
http://www.securatary.com

--
All the best

Mark Litchfield
http://www.securatary.com
Twitter - http://twitter.com/securatary





This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! 
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------