alwaysdata All Projects: Tasklist

	ID	Status	Summary	Opened by
	40	Closed	~~No Rate Limit On Reset Password in admin.alwaysdata.co~~ ...	monty099	Task Description No Rate Limit On Reset Password in admin.alwaysdata.com welcome all : i found that no rate limit in reset password in ::: https://admin.alwaysdata.com/password/lost/ Summary: No rate limit check on forgot password which can lead to mass mailing and spamming of users and possible employees A little bit about Rate Limit: A rate limiting algorithm is used to check if the user session (or IP-address) has to be limited based on the information in the session cache. Steps To Reproduce The Issue 1- create account and go to reset password 2- intercept burp and send request to intruder 3- make payload and start attack Impact 1- Attacker could use this vulnerability to bomb out the email inbox of the victim. 2- Attacker could send Spear-Phishing to the selected mail address. 3-Causing financial losses to the company
	38	Closed	~~Bug Title: Prototype Pollution Vulnerability Report~~	mrdott	Task Description Bug Title: Prototype Pollution Vulnerability Report Weakness: Prototype Pollution Hello Web Security Team, I am reporting a security vulnerability on the website https://www.alwaysdata.com/en/ The website is affected by prototype pollution due to the usage of an outdated jQuery version. Description: The website uses jQuery version 1.12.4, which is susceptible to prototype pollution. This vulnerability allows an attacker to inject properties into Object.prototype, affecting all objects across the application. Notably, the "deep" version of jQuery $.extend is impacted. Steps To Reproduce: 1. To check if the application is vulnerable to prototype pollution attack we can use the below command: command: $.extend(true, {}, JSON.parse('{"__proto__":{"polluted":"hacked"}}')); 2. Now let's open the application URL: https://www.alwaysdata.com/en/ and enter into the developer options Console tab and paste the command and hit enter. Notice that the result contains an option with polluted: hacked Image: https://ibb.co/VxyNw4z Impact: Prototype pollution introduces a severe risk to the application. An attacker, upon exploiting this vulnerability, can manipulate default values for options passed to functions with an "options" argument—a common pattern in JavaScript applications. The impact escalates based on the application's use of such options, potentially leading to unauthorized modifications and alterations in the application's behavior. Supporting Material/References: https://hackerone.com/reports/380873 https://hackerone.com/reports/454365 The vulnerability has been verified on jQuery version 1.12.4, and it is likely to affect older versions. The issue is present when using Chrome latest version. Fix: Update latest version of jquery 3.7.1 is the best remediation as it has no known vulnerabilities at the time of this writing

Closed

~~No Rate Limit On Reset Password in admin.alwaysdata.co~~ ...

Task Description

No Rate Limit On Reset Password in admin.alwaysdata.com

welcome all :
i found that no rate limit in reset password in ::: https://admin.alwaysdata.com/password/lost/ Summary:
No rate limit check on forgot password which can lead to mass mailing and spamming of users and possible employees
A little bit about Rate Limit:
A rate limiting algorithm is used to check if the user session (or IP-address) has to be limited based on the information in the session cache.
Steps To Reproduce The Issue
1- create account and go to reset password
2- intercept burp and send request to intruder
3- make payload and start attack

Impact
1- Attacker could use this vulnerability to bomb out the email inbox of the victim.
2- Attacker could send Spear-Phishing to the selected mail address.
3-Causing financial losses to the company

Closed

~~Bug Title: Prototype Pollution Vulnerability Report~~

mrdott

Task Description

Bug Title: Prototype Pollution Vulnerability Report
Weakness: Prototype Pollution
Hello Web Security Team,

I am reporting a security vulnerability on the website https://www.alwaysdata.com/en/ The website is affected by prototype pollution due to the usage of an outdated jQuery version.

Description:
The website uses jQuery version 1.12.4, which is susceptible to prototype pollution. This vulnerability allows an attacker to inject properties into Object.prototype, affecting all objects across the application. Notably, the "deep" version of jQuery $.extend is impacted.

Steps To Reproduce:
1. To check if the application is vulnerable to prototype pollution attack we can use the below command:

command: $.extend(true, {}, JSON.parse('{"__proto__":{"polluted":"hacked"}}'));

2. Now let's open the application URL: https://www.alwaysdata.com/en/ and enter into the developer options Console tab and paste the command and hit enter.
Notice that the result contains an option with polluted: hacked

Image:
https://ibb.co/VxyNw4z

Impact:
Prototype pollution introduces a severe risk to the application. An attacker, upon exploiting this vulnerability, can manipulate default values for options passed to functions with an "options" argument—a common pattern in JavaScript applications. The impact escalates based on the application's use of such options, potentially leading to unauthorized modifications and alterations in the application's behavior.

Supporting Material/References:
https://hackerone.com/reports/380873 https://hackerone.com/reports/454365 The vulnerability has been verified on jQuery version 1.12.4, and it is likely to affect older versions.
The issue is present when using Chrome latest version.

Fix:
Update latest version of jquery 3.7.1 is the best remediation as it has no known vulnerabilities at the time of this writing

Showing tasks 1 - 2 of 2 Page 1 of 1

All Projects

Available keyboard shortcuts

Tasklist

Task Details

Task Editing