Vulners
Lucene search
Evernote Web Clipper Same-Origin Policy Bypass Vulnerability
Evernote: extension allows cross-origin iframe communication
I happened to notice that the Evernote Web Clipper (3,000,000+ users) allows any website to bypass the same origin policy.
https://chrome.google.com/webstore/detail/evernote-web-clipper/pioclpoplcdbaefihamjohnefbikjilc
If you send a message like window.postMessage({type: \"EN_request\", name: \"EN_SerializeTo\", data: { frameName: id }), the frame DOM is collected and then posted back to the top window.
I made a quick demo exploit: https://lock.cmpxchg8b.com/oov6Wahv.html
I notice the evernote website requests that all vulnerabilities are submitted via HackerOne, but I'm unwilling to do that.
https://evernote.com/security/report-issue
I'll send a report to the Chrome Webstore policy team instead, who can handle contacting the registered developer.
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
07 Dec 2022 00:00Current