Add new Application & Change User’s Avatar CSRF Vulnerability – X.com

July 19, 2013
The X.com bug bounty runs under the PayPal bug bounty program, and I got paid for these reports.
Bug 1: Add new Application
X.com provides an option to add a new application in the account settings. Because the request carries no CSRF token, the attack executes successfully and an unauthorized application is added to the user's account without their knowledge.
CSRF Vulnerable URL : https://www.x.com/user/my-account/applications/new

To reproduce this vulnerability I have attached a proof of concept.

Direct download link of the PoC:

https://dl.dropbox.com/u/18007092/x.com%20CSRF%20new%20Application.html

Bug 2: Change User's Avatar
X.com allows users to change their default avatar.
I found that the CSRF token is missing in the avatar change module, so this endpoint can be used to set a user's default avatar without their consent.
CSRF Vulnerable URL : https://www.x.com/user/select_avatar/2
PoC (the endpoint changes state on a plain GET, so a submit of this form from any page is enough):
<form action="https://www.x.com/user/select_avatar/2" method="GET">
<input type="submit" name="submit">
</form>
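Both bugs have the same root cause, so as an added illustration (not code from X.com or PayPal) here is a model of the avatar endpoint as reported beside a hardened version that rejects the PoC above. The request/session dicts, the server secret and the session ids are constructed for the example; a real application would get them from its framework.

```python
import hashlib
import hmac
import secrets

# Constructed placeholder; a real deployment loads this from configuration.
SERVER_SECRET = b"constructed-server-secret"
SITE_ORIGIN = "https://www.x.com"


def issue_csrf_token(session_id: str) -> str:
    """Synchronizer token bound to the session: nonce + HMAC(secret, session:nonce)."""
    nonce = secrets.token_hex(16)
    mac = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return f"{nonce}.{mac}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare it in constant time."""
    nonce, sep, mac = token.partition(".")
    if not sep:
        return False
    expected = hmac.new(SERVER_SECRET, f"{session_id}:{nonce}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


def select_avatar_vulnerable(request: dict, session: dict) -> int:
    """Mirrors the reported behaviour: a state change on a bare GET with no token check."""
    session["avatar"] = request["avatar_id"]
    return 200


def select_avatar_hardened(request: dict, session: dict) -> int:
    """Same endpoint with the checks that stop a cross-site form submission."""
    # 1. State changes only on POST, so a cross-site <form method="GET"> or <img> cannot trigger them.
    if request["method"] != "POST":
        return 405
    # 2. Origin (or Referer as a fallback) must be our own site.
    source = request["headers"].get("Origin") or request["headers"].get("Referer", "")
    if not (source == SITE_ORIGIN or source.startswith(SITE_ORIGIN + "/")):
        return 403
    # 3. The form must carry a token tied to this session; an attacker's page cannot read it.
    if not verify_csrf_token(session["id"], request["form"].get("csrf_token", "")):
        return 403
    session["avatar"] = request["avatar_id"]
    return 200
```

The same three checks apply unchanged to the "add new application" endpoint; the Origin check alone is not enough on its own because some clients omit the header, which is why the token check is kept.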
Thank you PayPal & X.com for running such a good program – g4h Team.