IV88400: Reflected cross-site scripting (XSS)


Reflected cross-site scripting (XSS) vulnerabilities stem from the data in a request being echoed unsafely into an application’s response. Attackers can construct requests that cause attacker-supplied JavaScript code to be executed in the user’s browser, within the context of the user’s current session. This might mean that the attacker would have access to the user’s session tokens, could log their keystrokes, or could launch a network scan from the user’s browser. An attacker may exploit this vulnerability in conjunction with a cross-site request forgery (CSRF) attack, or by providing a maliciously crafted link to a user in an email, chat, or webpage.

The impact of this vulnerability is contingent upon the function of the application. In addition to session hijacking, if the application uses broadly scoped cookies, the vulnerability may lead to widespread account compromise, data loss, and potential theft. A vulnerability of this type might be leveraged in a phishing campaign that exploits the trust and goodwill that users have in Apple in order to perform malicious attacks on those users.

Multiple parameters to “WebProcess.srv” were found to be vulnerable to reflected XSS when the “objectId” and “actionId” parameters are set to “840000” and “750812”, respectively.
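The unsafe echo described above, next to an encoded rendering, as an added example that is not the affected application's code. The `label` parameter, the function names and the sample value are hypothetical; the advisory does not name the vulnerable parameters.

```javascript
// Added example: hypothetical rendering logic, not code from WebProcess.srv.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for HTML text and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Encode a value as a JavaScript string literal that is safe inside an
// inline <script> block (it cannot close the script element or the string).
function toJsLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c').replace(/>/g, '\\u003e').replace(/&/g, '\\u0026')
    .replace(/\u2028/g, '\\u2028').replace(/\u2029/g, '\\u2029');
}

// Vulnerable pattern: the request value is concatenated into markup as-is.
function renderUnsafe(params) {
  const label = params.get('label') ?? '';
  return `<h1>${label}</h1><input name="label" value="${label}">`;
}

// Hardened pattern: each sink gets the encoder that matches its context.
function renderSafe(params) {
  const label = params.get('label') ?? '';
  return `<h1>${escapeHtml(label)}</h1>` +
    `<input name="label" value="${escapeHtml(label)}">` +
    `<script>var label = ${toJsLiteral(label)};</script>`;
}

// Regression check: true when a value containing markup characters comes
// back in the response body byte-for-byte, i.e. without output encoding.
function reflectsRaw(body, value) {
  return /[<>"']/.test(value) && body.includes(value);
}

// Constructed sample input: a harmless markup probe, not taken from the advisory.
const sample = new URLSearchParams({ label: 'x"><i>constructed</i>' });
console.log('unsafe reflects raw:', reflectsRaw(renderUnsafe(sample), sample.get('label')));
console.log('safe reflects raw:  ', reflectsRaw(renderSafe(sample), sample.get('label')));
```

Encoding at output time should be paired with server-side validation of each parameter against its expected type, since the correct encoder depends on where in the response the value lands.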
