Stripo Inc: [Critical] Unauthorized Cross-Tenant Data Access in Stripo AI Hub Campaign via Deleted Project.
An unauthorized cross-tenant data access vulnerability was discovered in the Stripo AI Hub Campaign. The vulnerability allowed access to data from a deleted project. The issue was resolved...
Stripo Inc: [my.stripo.email] Blind SSRF Vulnerability in Stripo App Export via Missing Endpoints Export Email Message to Zapier
A critical blind SSRF (Server-Side Request Forgery) vulnerability was identified in the export service of the Stripo app. The vulnerability existed in the endpoint /exportservice/v3/exports/WEBHOOK/accounts, where malicious input could be provided in the webhookUrl parameter, triggering SSRF and...
Stripo Inc: Non-revoked API Key Disclosure in a Disclosed API Key Disclosure Report on Stripo
A previously disclosed vulnerability regarding API key disclosure in Stripo was reported as resolved...
Stripo Inc: [demo.stripo.email] HTTP request Smuggling
A vulnerability in the demo.stripo.email website was reported, which has since been resolved...
Stripo Inc: [SSRF] my.stripo.email via the setup-wizard parameter
A vulnerability in the setup wizard allowed SSRF. The issue has been resolved...
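Both SSRF reports above (the webhookUrl parameter of the export service and the setup-wizard parameter) share one root cause: the server fetches a URL the user chose. The following is an added example of a validator for such a parameter, written for this page and not Stripo's own code. It assumes the service accepts an https URL, validates it once, then connects only to the addresses the validator returns and re-runs the validator on every redirect hop. The DNS table, hostnames and addresses are constructed for an offline run.

```python
"""Validate a user-supplied webhook target before the server fetches it.

Added example, not Stripo's code. Hostnames, addresses and the DNS table
below are constructed for illustration.
"""
from __future__ import annotations

import ipaddress
import socket
from typing import Callable, Iterable
from urllib.parse import urlsplit

Resolver = Callable[[str], Iterable[str]]


class UnsafeWebhookUrl(ValueError):
    """Raised when a webhook URL must not be fetched."""


def system_resolve(host: str) -> list[str]:
    """Real DNS lookup (A and AAAA); the demo injects a fake resolver instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_address(ip: "ipaddress.IPv4Address | ipaddress.IPv6Address") -> bool:
    """is_global is False for loopback, link-local (incl. 169.254.169.254),
    RFC 1918, CGNAT, multicast, reserved and unspecified ranges. IPv4-mapped
    IPv6 is unwrapped so ::ffff:10.0.0.1 cannot smuggle an internal address."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global


def validate_webhook_url(url: str, resolve: Resolver = system_resolve) -> list[str]:
    """Return the public IP addresses the caller may connect to for this URL."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        raise UnsafeWebhookUrl(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise UnsafeWebhookUrl("credentials embedded in URL")
    host = parts.hostname
    if not host:
        raise UnsafeWebhookUrl("missing host")
    try:
        port = parts.port
    except ValueError as exc:
        raise UnsafeWebhookUrl("malformed port") from exc
    if port not in (None, 443):
        raise UnsafeWebhookUrl(f"port not allowed: {port}")
    try:
        addrs = [ipaddress.ip_address(host)]            # literal IP in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    if not addrs:
        raise UnsafeWebhookUrl(f"{host} did not resolve")
    # Every address must be public: a name that resolves to one public and one
    # internal address is a rebinding attempt, not a partial pass.
    blocked = [str(a) for a in addrs if not is_public_address(a)]
    if blocked:
        raise UnsafeWebhookUrl(f"{host} resolves to non-public {blocked}")
    return [str(a) for a in addrs]


# Constructed DNS table so the demonstration runs offline.
FAKE_DNS = {
    "hooks.example.com": ["52.0.0.10"],
    "intranet.example.com": ["10.0.0.5"],
    "rebind.example.com": ["52.0.0.11", "127.0.0.1"],
}


def fake_resolve(host: str) -> list[str]:
    return FAKE_DNS.get(host, [])


def triage(urls: Iterable[str], resolve: Resolver = fake_resolve) -> dict[str, str]:
    """Map each candidate URL to 'ok' or the rejection reason (pass system_resolve in production)."""
    result = {}
    for url in urls:
        try:
            validate_webhook_url(url, resolve)
            result[url] = "ok"
        except UnsafeWebhookUrl as exc:
            result[url] = str(exc)
    return result


if __name__ == "__main__":
    for url, verdict in triage([
        "https://hooks.example.com/abc",
        "http://hooks.example.com/abc",
        "https://169.254.169.254/latest/meta-data/",
        "https://[::ffff:10.0.0.1]/",
        "https://rebind.example.com/",
        "https://user:pw@hooks.example.com/",
    ]).items():
        print(f"{verdict:45s} {url}")
```

The validator deliberately returns the resolved addresses rather than a boolean: an HTTP client that re-resolves the name at connect time reopens the rebinding window the check just closed, and a client that follows redirects blindly lets a public host hand the request to an internal one.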
Stripo Inc: Non-revoked API Key Information disclosure via Stripo_report()
Talking about report 983331, where a security researcher reported a secret API key leakage vulnerability in a JavaScript file at Stripo. This report is disclosed on HackerOne, and the team at Stripo have forgotten to blur the API keys from the report before disclosing it to the public. The API keys...
Stripo Inc: Ability to use premium templates as free user via https://stripo.email/templates/?utm_source=viewstripo&utm_medium=referral
Summary: Hello, I found a security vulnerability in your web application, another business logic one. Steps To Reproduce 1. Go to https://stripo.email/templates/?utm_source=viewstripo&utm_medium=referral 2. Choose any premium template and click use in editor 3. Then sign in to save and it is in your...
Stripo Inc: Bypassing Content-Security-Policy leads to open-redirect and iframe xss
Summary: https://my.stripo.email/cabinet//template-editor/..... has the following code to make iframes more secure: HTML pointing to other domains won't work, but the whitelist in frame-src data has listed .firebaseapp.com, a free hosting domain, leading to iframe abuse and redirects. Steps To Reproduce...
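The report above turns on one detail of CSP source matching: a wildcard source such as *.firebaseapp.com allows every tenant of a shared hosting provider, while an exact host allows only that one origin. The following is an added audit script for this page, not Stripo's code; the CSP header and the list of shared-hosting suffixes are constructed (only firebaseapp.com comes from the report, and an operator would extend the list).

```python
"""Flag frame-src sources that let arbitrary third parties be framed.

Added example, not Stripo's code. CSP_HEADER and SHARED_HOSTING_SUFFIXES are
constructed for illustration.
"""
from __future__ import annotations

CSP_HEADER = (
    "default-src 'self'; "
    "script-src 'self'; "
    "frame-src 'self' https://*.firebaseapp.com https://www.youtube.com"
)

# Suffixes under which anyone can register a subdomain and serve content.
SHARED_HOSTING_SUFFIXES = {"firebaseapp.com"}


def parse_csp(header: str) -> dict[str, list[str]]:
    """Split a CSP header into {directive: [source tokens]}."""
    directives = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = tokens[1:]
    return directives


def effective_frame_sources(directives: dict[str, list[str]]):
    """frame-src falls back to child-src, then default-src (CSP fallback chain)."""
    for name in ("frame-src", "child-src", "default-src"):
        if name in directives:
            return name, directives[name]
    return None, []


def _host_of(source: str) -> str:
    """Strip scheme, path and port from a host-source expression."""
    host = source.lower()
    if "://" in host:
        host = host.split("://", 1)[1]
    host = host.split("/", 1)[0]
    return host.split(":", 1)[0]


def audit_frame_src(header: str, shared_suffixes=SHARED_HOSTING_SUFFIXES):
    """Return (directive used, [(source, reason), ...]) for risky sources."""
    origin, sources = effective_frame_sources(parse_csp(header))
    findings = []
    for src in sources:
        if src.startswith("'"):                        # 'self', 'none', nonces: keywords
            continue
        if src == "*" or (src.endswith(":") and "/" not in src):
            findings.append((src, "scheme-only or wildcard source: any origin may be framed"))
            continue
        host = _host_of(src)
        if not host.startswith("*."):                  # exact host: a single tenant
            continue
        base = host[2:]
        for suffix in shared_suffixes:
            if base == suffix or base.endswith("." + suffix):
                findings.append((src, f"wildcard covers every tenant of {suffix}"))
    return origin, findings


if __name__ == "__main__":
    directive, findings = audit_frame_src(CSP_HEADER)
    print(f"effective directive: {directive}")
    for src, reason in findings:
        print(f"  {src}: {reason}")
```

The fix the audit points at is to replace the wildcard with the exact origins the editor actually embeds; a wildcard under a shared-hosting suffix is no narrower than omitting the directive.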
Stripo Inc: Stored XSS at Module Name
Summary: Hello, I found stored XSS at module name with this payload "Hello : Steps To Reproduce: 1. Add new container, it doesn't matter which it is 2. Paste this payload in the module name "Hello : 3. Update it, then check the module name again in settings 4. Alert popup. Stored XSS Stored cross-sit...
Stripo Inc: Bypass of #1047119: Missing Rate Limit while creating Plug-Ins at https://my.stripo.email/cabinet/plugins/
Summary: I have found a bypass for the report https://hackerone.com/reports/1047119. It seems that a proper fix was not issued, therefore the issue still remains. Steps To Reproduce: 1. Create a Plug-In and capture the request. 2. Send this to Intruder. 3. Follow the rest in the video POC. POC Video...
Stripo Inc: Stored XSS in the banner block description
Steps To Reproduce: - Create a new template and add a banner block F1128944 - Add a description to the banner block description: " - Malicious code executed F1128945 Proof Of Concept: F1128942 Impact: With this vulnerability, an attacker can for example steal users' cookies or redirect users on...
Stripo Inc: Permanent DOS for new users!
Summary: Hi team, it's me, Akash Hamal, and while testing the my.stripo.email website, which is in scope of your program, I was able to permanently DOS any new mail/user which might use your service in future, but they won't be able to use it! While registering on my.stripo.email there are three fields...
Stripo Inc: Non-revoked API Key Disclosure in a Disclosed API Key Disclosure Report on Stripo
Summary: Can you imagine discovering an API key disclosure vulnerability in a disclosed API key disclosure report? The same thing is what I came across while going through the disclosed reports at Stripo Inc. Plus, the disclosed API key isn't even revoked, and therefore I am still able to use the...
Stripo Inc: No rate limit in email subscription
I managed to bypass the following report, 1029723; please follow the steps below: Description: No rate limit in Email Subscription, you just have to add a fixed throttle in Burp Suite to avoid the 429 response. Note: I will use tempmail in the screenshots. PoC Steps: 1. Go to https://stripo.email/ a...
Stripo Inc: No rate limiting - Create Plug-ins
Hello team Stripo, how are you? I found a rate limit for data creation. Target = https://my.stripo.email/cabinet//plugins/293814 Request to Post: POST /cabinet/stripeapi/v1/plugin/293814/plugins HTTP/1.1 Host: my.stripo.email User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101...
Stripo Inc: No rate limiting for subscribe email + lead to Cross origin misconfiguration
Summary: I found a bypass of no rate limiting using Access-Control-Allow-Origin:, and look at the response as 200, vulnerable. No rate limit means there is no mechanism to protect against the requests you make in a short frame of time. If the repetition doesn't give any error after 50, 100, 1000 repetitions...
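The four rate-limit reports above (plug-in creation, its bypass, and the two email-subscription bypasses) describe the same weakness: a limiter that only checks a short burst window, so a client that simply slows down to one request per second never sees a 429 again. The following is an added example for this page, not Stripo's code, of a limiter with a second, long window keyed per account (for unauthenticated endpoints such as the subscribe form the key would be IP plus email), plus a simulation showing the throttled attacker against both configurations. Limits, the key name and the integer-second clock are illustrative.

```python
"""Tiered sliding-window rate limiter and a throttled-attacker simulation.

Added example, not Stripo's code. Limits, key names and the integer clock
are constructed for the demonstration.
"""
from __future__ import annotations

from collections import deque
from typing import Callable


class SlidingWindowLimiter:
    """Allow a request only if every (limit, window_seconds) tier has room."""

    def __init__(self, tiers: list[tuple[int, int]], clock: Callable[[], float]):
        self.tiers = sorted(tiers, key=lambda t: t[1])   # shortest window first
        self.clock = clock
        self._events: dict[str, deque] = {}

    def allow(self, key: str) -> bool:
        now = self.clock()
        longest = self.tiers[-1][1]
        q = self._events.setdefault(key, deque())
        while q and now - q[0] >= longest:              # drop events older than the longest tier
            q.popleft()
        for limit, window in self.tiers:
            recent = sum(1 for t in q if now - t < window)   # O(n) per call; n is bounded by the largest limit
            if recent >= limit:
                return False
        q.append(now)
        return True


def simulate(attempts: int, interval: int, tiers: list[tuple[int, int]], key: str = "account:demo") -> int:
    """Fire `attempts` requests spaced `interval` seconds apart; return how many pass."""
    clock_now = [0]
    limiter = SlidingWindowLimiter(tiers, clock=lambda: clock_now[0])
    allowed = 0
    for i in range(attempts):
        clock_now[0] = i * interval                     # deterministic fake clock
        allowed += limiter.allow(key)
    return allowed


BURST_ONLY = [(10, 10)]                 # 10 requests per 10 s and nothing else
TIERED = [(10, 10), (100, 3600)]        # the same burst limit plus 100 per hour per key

if __name__ == "__main__":
    print("1 req/s for an hour, burst-only limiter:", simulate(3600, 1, BURST_ONLY))
    print("1 req/s for an hour, tiered limiter:    ", simulate(3600, 1, TIERED))
    print("50 requests at once, either limiter:    ", simulate(50, 0, TIERED))
```

The burst-only limiter admits all 3600 throttled requests; the tiered one stops at 100, which is the behaviour the "fixed throttle in Burp" bypass relies on not existing. A verification-by-email step, or a per-account daily cap, is the equivalent control for a subscribe form.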
Stripo Inc: Stored XSS at Template Editor in "Section Name" Field of Block element 'Accordion'.
Summary: Hi Team, There is "Stored XSS" in Template Editor. When creating an Accordion, the "Section Name" field does not properly sanitize the input provided by the User, leading to Stored XSS. See the Proof Of Concept below. Thank You. Steps To Reproduce: A. Open Template Editor and insert element...
Stripo Inc: Memory Dump and Env Disclosure via Spring Boot Actuator
Memory Dump and Env Disclosure via Spring Boot Actuator. Spring Boot Actuator endpoints can be accessed via a path like stripo.email/██████/actuator/, including a 110 MB heapdump file, which exposes source code, private keys and some internal data! The maximum severity of this asset is medium, ...
Stripo Inc: Able to use 'PREMIUM TEMPLATES' in 'FREE PLAN' at [https://my.stripo.email/cabinet/#/my-templates/]
Summary: Hi Team, I have found a way to use Premium Templates with the FREE PLAN only. Generally Premium Templates can only be used by PAID USERS, so this will lead to heavy loss in business. It is also possible to use components in the DEMO EDITOR which are only available after registration, by just...
Stripo Inc: Stored XSS at "Conditions " through "My Custom Rule" Field at [https://my.stripo.email/cabinet/#/template-editor/] in Template Editor.
Summary: Hi Team, There is "Stored XSS" in "Conditions". When creating "My Custom Rule", you have to provide a name, whereas the "My Custom Rule" field does not properly sanitize the input provided by the User, leading to Stored XSS. Other fields are properly sanitizing the input. See the video Pock...
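The four stored-XSS reports on this page (module name, banner description, accordion section name, custom rule name) all concern a short user-controlled string that the editor writes back into its own markup, and the snippets show the payloads opening with a double quote, i.e. breaking out of an attribute value. The following is an added example for this page, not Stripo's code, of encoding such a name per output context; the payloads and the markup are constructed for the demonstration and are not the reports' payloads.

```python
"""Context-aware output encoding for a user-controlled name.

Added example, not Stripo's code. PAYLOAD, SCRIPT_PAYLOAD and the markup
templates are constructed for illustration.
"""
import html
import json

PAYLOAD = '"><img src=x onerror=alert(1)>'
SCRIPT_PAYLOAD = "</script><script>alert(1)</script>"


def render_attr_unsafe(name: str) -> str:
    """The bug class: raw interpolation into an attribute value."""
    return f'<input name="module" value="{name}">'


def render_attr(name: str) -> str:
    """Attribute context: quote=True escapes \" and ' as well as & < >."""
    return f'<input name="module" value="{html.escape(name, quote=True)}">'


def render_text(name: str) -> str:
    """Text-node context: & < > are enough; quotes cannot break out here."""
    return f'<span class="module-name">{html.escape(name, quote=False)}</span>'


def render_script_json(name: str) -> str:
    """Inline <script> context: JSON-encode, then hex-escape < > & so the
    browser's HTML parser can never see a closing </script> or a comment
    opener inside the string. \\u003c is a valid JSON escape, so the value
    still round-trips."""
    data = json.dumps({"name": name})
    data = data.replace("<", "\\u003c").replace(">", "\\u003e").replace("&", "\\u0026")
    return f"<script>window.moduleMeta = {data};</script>"


def decode_script_json(rendered: str) -> dict:
    """Read back what render_script_json embedded (for the round-trip check)."""
    prefix, suffix = "<script>window.moduleMeta = ", ";</script>"
    return json.loads(rendered[len(prefix):-len(suffix)])


def breaks_out(rendered: str, tag: str = "<img") -> bool:
    """Crude oracle: did the payload become a real element in the output?"""
    return tag in rendered


if __name__ == "__main__":
    print("unsafe attr:", render_attr_unsafe(PAYLOAD))
    print("safe attr:  ", render_attr(PAYLOAD))
    print("safe text:  ", render_text(PAYLOAD))
    print("safe script:", render_script_json(SCRIPT_PAYLOAD))
```

Escaping is the output-side fix; whichever side stores the name, the editor that renders it must encode for the context it writes into. A server-side "sanitizer" that only strips angle brackets leaves the attribute-context payload above fully functional, because that payload does not need a tag of its own to close the quoted value.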