CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...

CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...

CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...

CVE-2019-17355

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat...

CVE-2019-17355

The CVE-2019-17355 entry concerns the Orbitz Android app (version 19.31.1). The issue is that the username and password are written to logs during authentication and can be exposed to an attacker via logcat. The available Connected documents reiterate this description across Red Hat, NVD, CVE lis...

A week in security (March 19 – March 25)

Last week, we looked at the growing problem of smartphone addiction, how link rot is continually slicing down portions of the web, and the theft of our intellectual property. We also explored the landscape of DDoS problems, and tackled a Stephen Hawking 419 scam. Other news What can only really b...

Feds Take On Foreign Hackers, While 880K Orbitz Customers “Likely” Affected by Data Breach

In this edition of Qualys’ infosec news digest, we look at Orbitz’s data breach, AMD’s vulnerabilities controversy, and recent actions by the U.S. government against alleged Russian and Iranian cyber spies. Orbitz was kinda, sorta, maybe hacked Orbitz disclosed last week that personal information...

Orbitz Warns 880,000 Payment Cards Suspected Stolen

Expedia-owned travel site Orbitz said Tuesday a possible breach of both its consumer and partner platforms may have led to the disclosure of 880,000 payment cards. According to Expedia, criminals had access to Orbitz consumer and business partner platforms, but not the Orbitz.com website. The...

Expedia Orbitz Travel, Flights, Hotel Booking Site Compromised

Chicago-based online travel booking company Orbitz, a subsidiary of Expedia.com, reveals that one of its old websites has been hacked, exposing nearly 880,000 payment card numbers of the people who made purchases online. Orbitz.com is a travel fare aggregator website and travel metasearch engine,...

Hackers steal banking & personal data of 800,000 Orbitz customers

By Waqas Orbitz.com, a Chicago, Illinois based popular travel website owned by Expedia This is a post from HackRead.com Read the original post: Hackers steal banking & personal data of 800,000 Orbitz customers...

orbitz.com XSS vulnerability

Vulnerable URL: https://www.orbitz.com/user/forgotpassword Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2673 VIP website status:| Yes Check orbitz.com SSL connection:| Grade: A Coordinated Disclosure Timeline:...

Orbitz - Flights, Hotels, Cars - Base64 encoded String, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Orbitz - Flights, Hotels, Cars published at the 'play' market has multiple vulnerabilities...