Nealpoole - nealpoole.com - Neal Poole
General Information:
Latest News:
CodeIgniter <= 2.1.3 xss_clean() Filter Bypass 24 Jul 2013 | 12:30 am
Summary The CodeIgniter framework contains a function, xss_clean(), which is intended to filter out potential XSS attacks. From the CodeIgniter documentation: The XSS filter looks for commonly used ...
XSS Filter Bypass in validator Node.js Module 4 Jul 2013 | 11:30 pm
Summary The validator module for Node.js contains functionality meant to filter potential XSS attacks (a filter called xss). In looking at the implementation I discovered several bypasses for this fi...
Code Execution via F5 Networks Java Appplet 3 Jul 2013 | 03:30 am
Summary A signed Java applet, distributed with a number of products by F5 Networks, contained a vulnerability which allowed for arbitrary code execution on a local machine under specific circumstance...
Bitbucket: User Information Disclosure via JSONP 27 Jun 2013 | 03:30 am
Summary It was possible for a third party website to retrieve information about the currently logged in user via the Bitbucket API. This data included email addresses, SSH public keys, and repository...
Code Execution via YAML in JS-YAML Node.js Module 24 Jun 2013 | 02:30 am
Summary The JS-YAML module for Node.js contained a code execution vulnerability prior to version 2.0.5. The maintainers of JS-YAML have patched this vulnerability and, beginning in version 2.1.0, hav...
CSRF Token Disclosure in Coinbase 4 Jun 2013 | 09:45 am
Summary At the beginning of May I found and reported a security vulnerability in Coinbase, a Bitcoin exchange. The vulnerability I reported allowed an attacker to steal the CSRF token for the current...
Experiences With The Yandex Bug Bounty Program 17 Apr 2013 | 01:50 am
Summary I reported 3 vulnerabilities to the Yandex bug bounty program shortly after it launched in September. It has taken almost 6 months to resolve the issues completely, thanks to some mis-communic...
(Unpatched) Reflected XSS in JW Player 5 16 Apr 2013 | 09:03 am
Summary I found a reflected XSS vulnerability in JW Player 5. The developers at LongTail Video have released JW Player 6, which is not vulnerable to this issue. They do not plan to update JW Player 5 ...
JSONP Leaked Personal Information From Fitbit.com 15 Mar 2013 | 05:44 pm
Summary Because of a security vulnerability in fitbit.com, malicious third-party websites could have extracted personal information from logged in users. What is Fitbit According to http://www.fitbit....
Bad Changes to eBay’s Responsible Disclosure Policy 15 Mar 2013 | 01:49 am
Summary eBay has changed its responsible disclosure policy for security researchers. The older policy asked researchers to “Allow us a reasonable amount of time (at least 30 days from when we receive ...
