
[RESOLVED] XSS @ Cabelas

Posted: Mon Mar 05, 2012 5:59 pm
by therube
Don't know if this is good or bad or expected or not.
(Just realized I'm still on 2.3.3rc1 for some reason.)
Anyhow ...

URL: http://www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts?rid=10&WT.tsrc=AFF&WT.mc_id=k16730

Code:

+dotomi.com
-facebook.net
-dtmpub.com
+bazaarvoice.com
+googleapis.com
+cabelas.com

Code:

[NoScript XSS] Sanitized suspicious request. Original URL [http://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2122&dtm_cmagic=abdbeb&dtm_format=5&dtmc_ver=1&cli_promo_id=6&dtm_user_id=&dtmc_cat=Home%7CCabelas+Nylon+Packable&dtmc_cat_id=105625080%7C110484180&dtmc_prod=Cabela%2527s+Packable+Nylon+Parka+%2526%2523150%253B+Regular&dtmc_prod_id=1152325&dtmc_brand=Cabela%2527s&dtmc_prod_img=http%3A//images.cabelas.com/is/image/cabelas/s7_923085_renderset_08%3F%7C&dtmc_session_id=5B1B7C7950A57688BC83F31B3A570403.ap7&dtmc_customer_type=New&dtmc_source=nonPaid&dtmc_ref=http%3A//slickdeals.net/f/4027738-Cabela-s-Men-s-Packable-Parka-15-w-Q-Shipped-Cabelas-com&dtmc_loc=http%3A//www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts%3Frid%3D10%26WT.tsrc%3DAFF%26WT.mc_id%3Dk16730] requested from [http://www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts?rid=10&WT.tsrc=AFF&WT.mc_id=k16730]. Sanitized URL: [http://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2122&dtm_cmagic=abdbeb&dtm_format=5&dtmc_ver=1&cli_promo_id=6&dtm_user_id=&dtmc_cat=Home%7CCabelas+Nylon+Packable&dtmc_cat_id=105625080%7C110484180&dtmc_prod=Cabela%20s+Packable+Nylon+Parka+%u2013+Regular&dtmc_prod_id=1152325&dtmc_brand=Cabela%20s&dtmc_prod_img=http%3A//images.cabelas.com/is/image/cabelas/s7_923085_renderset_08%3F%7C&dtmc_session_id=5B1B7C7950A57688BC83F31B3A570403.ap7&dtmc_customer_type=New&dtmc_source=nonPaid&dtmc_ref=http%3A//slickdeals.net/f/4027738-Cabela-s-Men-s-Packable-Parka-15-w-Q-Shipped-Cabelas-com&dtmc_loc=http%3A//www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts%3Frid%3D10%26WT.tsrc%3DAFF%26WT.mc_id%3Dk16730#8769819261210319783].
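As an added illustration (not code from this thread and not NoScript's own filter code), the Python below takes the original and sanitized URLs quoted in the log line above and reports two things: which query parameters NoScript rewrote, and which parameters carry more than one layer of percent-encoding. On this request those are the same two parameters, dtmc_prod and dtmc_brand: Cabela%2527s decodes to Cabela%27s and then to Cabela's, and %2526%2523150%253B decodes to the HTML entity &#150;. The idea that the second encoding layer is what the filter reacted to is my assumption for the purpose of the example; the thread itself does not state NoScript's rule.

```python
from urllib.parse import urlsplit, unquote_plus

# Both URLs are copied verbatim from the NoScript log line quoted in the post above.
ORIGINAL_URL = (
    "http://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2122"
    "&dtm_cmagic=abdbeb&dtm_format=5&dtmc_ver=1&cli_promo_id=6&dtm_user_id="
    "&dtmc_cat=Home%7CCabelas+Nylon+Packable&dtmc_cat_id=105625080%7C110484180"
    "&dtmc_prod=Cabela%2527s+Packable+Nylon+Parka+%2526%2523150%253B+Regular"
    "&dtmc_prod_id=1152325&dtmc_brand=Cabela%2527s"
    "&dtmc_prod_img=http%3A//images.cabelas.com/is/image/cabelas/s7_923085_renderset_08%3F%7C"
    "&dtmc_session_id=5B1B7C7950A57688BC83F31B3A570403.ap7&dtmc_customer_type=New"
    "&dtmc_source=nonPaid"
    "&dtmc_ref=http%3A//slickdeals.net/f/4027738-Cabela-s-Men-s-Packable-Parka-15-w-Q-Shipped-Cabelas-com"
    "&dtmc_loc=http%3A//www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts"
    "%3Frid%3D10%26WT.tsrc%3DAFF%26WT.mc_id%3Dk16730"
)
SANITIZED_URL = (
    "http://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_fid=101&dtm_cid=2122"
    "&dtm_cmagic=abdbeb&dtm_format=5&dtmc_ver=1&cli_promo_id=6&dtm_user_id="
    "&dtmc_cat=Home%7CCabelas+Nylon+Packable&dtmc_cat_id=105625080%7C110484180"
    "&dtmc_prod=Cabela%20s+Packable+Nylon+Parka+%u2013+Regular"
    "&dtmc_prod_id=1152325&dtmc_brand=Cabela%20s"
    "&dtmc_prod_img=http%3A//images.cabelas.com/is/image/cabelas/s7_923085_renderset_08%3F%7C"
    "&dtmc_session_id=5B1B7C7950A57688BC83F31B3A570403.ap7&dtmc_customer_type=New"
    "&dtmc_source=nonPaid"
    "&dtmc_ref=http%3A//slickdeals.net/f/4027738-Cabela-s-Men-s-Packable-Parka-15-w-Q-Shipped-Cabelas-com"
    "&dtmc_loc=http%3A//www.cabelas.com/product/Cabelas-Packable-Nylon-Parka-150-Regular/1152325.uts"
    "%3Frid%3D10%26WT.tsrc%3DAFF%26WT.mc_id%3Dk16730#8769819261210319783"
)


def decode_layers(value, limit=5):
    """Return the successive percent-decodings of value, starting with the raw
    value, until decoding no longer changes it (or limit passes are reached).
    A list longer than two entries means the value was encoded more than once."""
    layers = [value]
    for _ in range(limit):
        decoded = unquote_plus(layers[-1])
        if decoded == layers[-1]:
            break
        layers.append(decoded)
    return layers


def raw_params(url):
    """Map parameter name -> raw (still encoded) value from the URL's query string.
    parse_qsl would already strip one encoding layer, which is what we want to count."""
    params = {}
    for pair in urlsplit(url).query.split("&"):
        if not pair:
            continue
        key, _, value = pair.partition("=")
        params[unquote_plus(key)] = value
    return params


def multi_encoded_params(url):
    """Names of parameters whose value still changes under a second decoding pass.
    (Assumed heuristic for this example, not NoScript's actual rule.)"""
    return sorted(k for k, v in raw_params(url).items() if len(decode_layers(v)) > 2)


def changed_params(original, sanitized):
    """Parameters whose fully decoded value differs between the two URLs,
    as {name: (decoded original, decoded sanitized)}."""
    a, b = raw_params(original), raw_params(sanitized)
    changed = {}
    for key in sorted(set(a) | set(b)):
        da = decode_layers(a.get(key, ""))[-1]
        db = decode_layers(b.get(key, ""))[-1]
        if da != db:
            changed[key] = (da, db)
    return changed


if __name__ == "__main__":
    print("multi-encoded in original :", multi_encoded_params(ORIGINAL_URL))
    print("multi-encoded in sanitized:", multi_encoded_params(SANITIZED_URL))
    for name, (before, after) in changed_params(ORIGINAL_URL, SANITIZED_URL).items():
        print(f"{name}:")
        for layer in decode_layers(raw_params(ORIGINAL_URL)[name]):
            print("   original layer:", layer)
        print("   sanitized     :", after)
```

Running it shows that only dtmc_prod and dtmc_brand were touched, that both are the only double-encoded parameters in the request, and that the sanitized copy replaced the apostrophe with a space and the &#150; entity with a %u2013 sequence, which is exactly the difference visible between the two quoted URLs.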

Re: XSS @ Cabelas

Posted: Tue Mar 06, 2012 9:23 am
by Tom T.
Cannot reproduce XSS message with that permissions list in Fx 3.6.27, NS 2.3.3rc3.

Had to TA a bunch of stuff in RequestPolicy just to get most of those even to show in the list. Are all of them necessary to shop and buy stuff?

Will try on Fx 10.

Re: XSS @ Cabelas

Posted: Tue Mar 06, 2012 9:40 am
by Tom T.
Reproduced on Fx 10.0.02, same NS, *only after* OK-ing:

Code:

Temporarily allow http://cabelas.ugc.bazaarvoice.com/8815/***crossdomain***].htm?format=embedded#origin=http%3A%2F%2Fwww.cabelas.com
(text/html <IFRAME> / http://www.cabelas.com)
Hmmm.... does that word, "crossdomain" have anything to do with this? ;)

(I added the stars for emphasis, as the Code block wipes out bold tags.)

Re: XSS @ Cabelas

Posted: Tue Mar 06, 2012 11:42 pm
by therube
Not seeing it in 2.3.3.rc5.

Re: XSS @ Cabelas

Posted: Wed Mar 07, 2012 12:54 am
by Giorgio Maone
Actually the original one should be gone in latest development build 2.3.3rc6.