Found on: 11-10-2013

Status: Fixed

HoF: In 2013’s December list

Vulnerability: Clickjacking

Domain affected: https://www.linkedin.com/inbox/mailbox/message/compose?trk=hb-messages-item-cmpmsg-v2

Vulnerability Reported on: 03/10/2013

Response received: Within a few hours (Must say they were really fast in responding to security vulnerabilities)

Status: Fixed

PoC: The iframe is made visible just for demonstration purposes.

Pagerduty tshirt

Gifts from LinkedIn for responsibly disclosing multiple vulnerabilities.

T-shirt, sipper & hand-written letter

Image  —  Posted: November 21, 2013 in LinkedIn vulnerability


Description: This is a URI redressing vulnerability found on Evernote’s website. The vulnerability allowed a victim’s account to be deleted with a few clicks without their knowledge or consent. This vulnerability defeated the CSRFbuster token which was used on their site.

The vulnerability was first reported on 5/10/2013, but due to an issue with Evernote’s ticketing system I had to resend the mail after a few days to obtain a ticket. After discussion with Evernote’s sec-team, they told me that it had already been reported previously by some other researcher, hence my name wasn’t being listed on the site. Nevertheless, they have fixed the vulnerability now.

Vulnerability: URI Redressing

Application(s): https://www.evernote.com/Deactivate.action?view=

Impact: Loss of files/account

Risk/Severity: High

PoC:
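Both framing issues above (the LinkedIn compose page and the Evernote deactivation page) rely on the target page rendering inside another origin's iframe, which is why an anti-CSRF token does not stop them: the framed page is the genuine one, token included. The following is an added example, not part of the original posts, that checks from the defender's side whether a response forbids such framing; the function names and sample headers are constructed for illustration.

```javascript
// Added example: classify a response's anti-framing headers.
// Sample header sets at the bottom are constructed for illustration.

// Return the frame-ancestors source list from a CSP value, or null if absent.
function frameAncestors(csp) {
  for (const directive of csp.split(';')) {
    const parts = directive.trim().split(/\s+/);
    if (parts[0].toLowerCase() === 'frame-ancestors') {
      return parts.slice(1).map((s) => s.toLowerCase());
    }
  }
  return null;
}

function framingPolicy(headers) {
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value);
  }
  // Only the enforcing header counts; the Report-Only variant blocks nothing.
  const sources = frameAncestors(h['content-security-policy'] || '');
  if (sources !== null) {
    // Browsers that honour frame-ancestors ignore X-Frame-Options entirely.
    const open = sources.some((s) => s === '*' || s === 'http:' || s === 'https:');
    return open
      ? { protected: false, reason: 'frame-ancestors allows any origin' }
      : { protected: true, reason: 'frame-ancestors restricts embedding' };
  }
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (xfo === 'DENY' || xfo === 'SAMEORIGIN') {
    return { protected: true, reason: 'X-Frame-Options ' + xfo };
  }
  if (xfo.startsWith('ALLOW-FROM')) {
    return { protected: false, reason: 'ALLOW-FROM is ignored by current browsers' };
  }
  return { protected: false, reason: 'no framing restriction sent' };
}

// Constructed samples: a state-changing page with and without protection.
const samples = {
  unprotected: { 'Set-Cookie': 'sid=abc; HttpOnly' },
  legacy: { 'X-Frame-Options': 'SAMEORIGIN' },
  modern: { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
};
for (const [label, hdrs] of Object.entries(samples)) {
  console.log(label, framingPolicy(hdrs));
}
```

Run it against the headers of every state-changing page (account deletion, message compose), not only the site's landing page, since framing protection is set per response.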

 

This is a vulnerability on the Google jobs page.

Severity-wise, this vulnerability can be used as a sad joke and nothing else, no harm done! 😛

If this were some banking website or a stock-related website, the severity posed by such a vulnerability would be different.

Anyway, back to the vulnerability. This vulnerability allows tampering with the parameter ‘job’ in the URL. Once you change the parameter’s value, you’ll notice that the job you are applying to will also change!

PoC:

Try changing the value of the ‘job’ parameter and you will notice the job you are applying to changes. There is no validation of this value when you fill out the form and submit it! So now you can apply for any job that isn’t even listed on the Google jobs page 😀

Happy job hunting 😀

Here is an image of the job I’m trying to apply to (FOOD JUNKIE !) 😛


This vulnerability was reported to Google, but since the severity was not ‘High’ and it was not affecting any Google customers, it didn’t qualify for a bug bounty.