MayurUdiniya
MayurUdiniya
/ gist:7aaa50b878d82b6aab6ed0b3e2b080bc
Created
May 13, 2018 18:27
MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements CVE-2018-10678
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, | |
| > which makes it easier for remote attackers to conduct redirection attacks. | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Additional Information] | |
| > is parsing link with target="_blank" rel="noopener" | |
| > <a class=mycode_url href=malicious.html target="_blank" rel="noopener"> malicious.html </a> MyBB users with Microsoft Edge browser are vulnerable for this attack | |
| > | |
| > ------------------------------------------ |
MayurUdiniya
/ gist:597169f582e506b610beb4e84fd8c8fc
Created
January 30, 2018 15:27
Stored XSS in iBall router CVE-2018-6355
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > /goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 | |
| > 2017" firmware has Unauthenticated Stored Cross Site Scripting via the | |
| > lang parameter. | |
| > | |
| > ------------------------------------------ | |
| > | |
| > [Additional Information] | |
| > Below find the Vulnerable POST request | |
| > | |
| > POST /goform/setLang HTTP/1.1 |