20 matches found
Identify Server-Side Attacks Using Qualys Periscope
Qualys previously announced the introduction of Qualys Periscope in 2020. This technology allows Qualys Web Application Scanning (WAS) to detect out-of-band vulnerabilities such as server-side request forgery (SSRF). Qualys Periscope provides confirmed detections for additional vulnerabilities, such ...
Logitech: One Click Account takeover using OAuth CSRF bypass by adding Null byte %00 in state parameter on www.streamlabs.com
Summary Hello Team, I have found a bypass to this report, 1039749. Steps To Reproduce: 1. Login to attacker's account and go to settings -- account settings. 2. Intercept the request in burp suite and click on merge twitch account. 3. Allow twitch access and once you see a get request in burp...
CVE-2020-9056
Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to store arbitrary JavaScript within the application. This JavaScript is subsequently displayed by the application without sanitization and is executed in the browser of...
Information disclosure
Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to store arbitrary JavaScript within the application. This JavaScript is subsequently displayed by the application without sanitization and is executed in the browser of...
CVE-2020-9056 Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting
Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which could allow a local, authenticated attacker to store arbitrary JavaScript within the application. This JavaScript is subsequently displayed by the application without sanitization and is executed in the browser of...
CVE-2020-9056
Periscope BuySpeed 14.5 is vulnerable to stored cross-site scripting (XSS) due to unsanitized client-side data. A local, authenticated attacker can store arbitrary JavaScript within BuySpeed, which is then executed in the browser of other users, potentially enabling website redirection, session h...
Periscope Holdings BuySpeed Cross-Site Scripting Vulnerability
Periscope Holdings BuySpeed is a procurement process management system from Periscope Holdings, USA. The system includes vendor management, purchasing management, order management and contract management functions. A cross-site scripting vulnerability exists in Periscope Holdings BuySpeed version...
Periscope BuySpeed is vulnerable to stored cross-site scripting
Overview Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting, which may allow a local, authenticated attacker to execute arbitrary JavaScript. Description Periscope BuySpeed is a "tool to automate the full procure-to-pay process efficiently and intelligently". BuySpeed...
X (Formerly Twitter): Periscope iOS app CSRF in follow action due to deeplink
Summary This issue is mainly in the Periscope iOS app against the CSRF follow action using a deeplink. As in report 583987, the CSRF works on the iOS app. POC 1: QR code to follow periscope profile pscp://user/periscopeco/follow ███████ POC2 by kunal94 /follow"CSRF DEMO video █████████ Impact CSRF Follow...
Introducing Periscope: Out-of-Band Vulnerability Detection Mechanism in Qualys WAS
Web applications and REST APIs can be susceptible to a certain class of vulnerabilities that can't be detected by a traditional HTTP request-response interaction. These vulnerabilities are challenging to find but provide a way for attackers to target otherwise inaccessible, internal systems. An...
X (Formerly Twitter): Periscope-all Firebase database takeover
Hello, I found one public Firebase database of periscope.tv and I was able to insert data into this database; I only used it once for testing purposes, so other database queries are also possible. Please follow the below link to check the inserted test data. Periscope-all Firebase URL :-...
X (Formerly Twitter): Twitter Periscope Clickjacking Vulnerability
Hello, Summary X-Frame-Options ALLOW-FROM https://twitter.com/ is not supported by several browsers; this caused Clickjacking on the Twitter Periscope subdomains https://canary-web.pscp.tv & https://canary-web.periscope.tv Steps To Reproduce: 1. Create a new HTML file 2. Put 3. Save the file 4. Open...
X (Formerly Twitter): Periscope android app deeplink leads to CSRF in follow action
Hello Twitter Team, Summary This issue is mainly in the Periscope Android app against the CSRF follow action using a deeplink. Description On the normal Periscope Website, when we share a follow link like www.pscp.tv//follow, we get a response asking whether to follow a person or not, giving us an option, meaning CS...
X (Formerly Twitter): Account Takeover in Periscope TV
Summary: When you log in to periscope.tv using Twitter and change the host header from www.periscope.tv to attacker.com/www.periscope.tv, the oauth redirect destination will be attacker.com/www.periscope.tv, thus allowing an attacker to send the oauth authorize link to a victim and take over their accoun...
Recalling an interesting dig into the Twitter Periscope API - vulnerability warning - the black bar safety net
Recently, I found a vulnerability in Twitter's Periscope service. This is a CSRF (cross-site request forgery) vulnerability; although it is not considered a high-risk vulnerability, I think the whole process of finding it is well worth sharing with you. Jus...
X (Formerly Twitter): [CRITICAL] Full account takeover using CSRF
Reporter discovered a CSRF vulnerability in the linkage between Periscope accounts and Facebook. This vulnerability would potentially allow for account take-over of Periscope accounts. The problem was resolved and the reporter awarded a bounty...
X (Formerly Twitter): CSRF on Periscope Web OAuth authorization endpoint
Hi, I would like to report an issue in the OAuth authorization endpoint on Periscope Web. This allows a malicious 3rd-party application to gain full API access to a victim's Periscope account. Details Periscope has developer APIs that allow a 3rd-party application to access resources on behalf of...
Periscope - Live Video - External URLs, Suspicious files vulnerabilities
The HackApp vulnerability scanner discovered that the application Periscope - Live Video, published on the 'play' market, has multiple vulnerabilities...
X (Formerly Twitter): Insufficient OAuth callback validation which leads to Periscope account takeover
Hi, I would like to report an issue in the Periscope Twitter application which allows an attacker to circumvent the callback locking to take over a victim's Periscope account which is connected to a Twitter account. Detail In the mobile Periscope app, the consumerkey and consumersecret for Twitter...