Hall of Thanks in Sony





XSS Vulnerability Found in Sony



Introduction : 

Sony Corporation  commonly referred to as Sony, is a Japanese multinational conglomerate corporation headquartered in K┼Źnan Minato, Tokyo, Japan. Sony is ranked 105th on the 2014 list of Fortune Global 500. Number of employees 140,900 (31 March 2014)


XSS Vulnerability:


Multiple XSS Found in  Sony website  infected url : fan.football.sony.net


# Application   : Sony Football website (http://fan.football.sony.net)
# Author        : Noah Franklin J @ Infoziant Innovation Labs
# Date          : Oct 31 2014
# OS            : Windows
# Tested on     : Win 7
# Type of vulnerability: Cross Site Scripting
# Geertz to     : Noah Franklin J
# Use for educational purposes only.
# Note: you are not allowed to edit/modify
# if you do, we cannot be held responsible for any damages this may cause.
# Report Sent : Oct 31 2014
#Response from Sony Security Team :  Nov 01  2014 with case number 1414784250
# Contacted Again Sony Team : Dec 01 2014
# Response from Sony Security Team : Dec 01 2014 To Re- Submit  my Vulnerability
#Replied to Sony Team  : Dec 01 2014 
#Response from Sony Team to Re-Submit my vulnerability with Clear document and POC to Reproduce : Dec 02 2014


URL 1: http://fan.football.sony.net/feed/
URL 2: http://fan.football.sony.net/india/blog/2014/07/
URL 3 :  http://fan.football.sony.net/pages/2/























POC





































































































Categories: ,

0 comments:

Post a Comment