Imgur: Crossdomain.xml settings on api.imgur.com too open

2015-10-01T10:39:07
ID H1:91604
Type hackerone
Reporter kiraak-boy
Modified 2015-12-09T18:11:40

Description

The crossdomain.xml file hosted at http://api.imgur.com/crossdomain.xml was too open. This allowed SWF files to make HTTP requests and see it's response. If this was not changed, then attacker.com can embed a SWF on attacker.com/example.html that makes an HTTP request to http://api.imgur.com/. The result page for http://api.imgur.com/ would include the CSRF token and the SWF file could make requests with the user's cookies.