Home page logo
/

webappsec logo WebApp Sec mailing list archives

Shopify (Bug Bounty) - XML External Entity Vulnerability
From: Mark Litchfield <mark () securatary com>
Date: Mon, 17 Feb 2014 00:10:53 -0800

Shopify suffered from an XXE attack within their online stores domain - *.myshopify.com

They were extremely quick in confirming and fixing the issue (even though it was a Sunday).

Full details with the usual screen shots can be found at http://www.securatary.com

--
All the best

Mark Litchfield
http://www.securatary.com
Twitter - http://twitter.com/securatary





This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------


  By Date           By Thread  

Current thread:
  • Shopify (Bug Bounty) - XML External Entity Vulnerability Mark Litchfield (Feb 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault