
Hard News Hard Hitting News Source Global Political News


XSS vulnerabilities in Google Cloud, Google Play could lead to account hijacks

A pair of vulnerabilities in Google Cloud, DevSite, and Google Play could have allowed attackers to carry out cross-site scripting (XSS) attacks, opening the door to account hijacks.

The first vulnerability is a reflected XSS bug in Google DevSite. An attacker-controlled link could run JavaScript on the origins http://cloud.google.com and http://developers.google.com, meaning a malicious actor could read and modify their contents, bypassing the same-origin policy.

Researcher ‘NDevTK’, who discovered both vulnerabilities, wrote: “Due to a vulnerability in the server-side implementation of <devsite-language-selector> part of the URL was reflected as html so it was possible to get XSS on the origins using that component from the 404 page.”

The second vulnerability is a DOM-based XSS on Google Play. DOM-based XSS vulnerabilities usually arise when JavaScript takes data from an attacker-controllable source, such as the URL, and passes it to a sink that supports dynamic code execution, such as eval() or innerHTML.

This enables attackers to execute malicious JavaScript, which typically allows them to hijack other users’ accounts.

The researcher told The Daily Swig that they “don’t think the same server response” would be sent to other users without the use of an attacker-provided URL.

They wrote: “On the search page of [the] Google Play console vulnerable code was run when the search resulted in an error.

“Getting an error was simple as doing /?search=& and because window.location includes the hash which never encodes ' it’s possible to escape the href context and set other html attributes. Unlike the DevSite XSS this is prevented by the CSP but was still awarded more by the panel.”
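
The pattern described in the quote, as an added example that is not code from Google or the researcher: a location string concatenated into a single-quoted href, next to an escaped version. The host example.test, the link markup, the data-injected attribute and all function names are constructed for illustration.

```javascript
// Added example. example.test, the markup and data-injected are constructed.
// The same apostrophe appears once in the query and once in the fragment.
const SAMPLE = "https://example.test/?search='q#'data-injected='1";

// What a browser exposes as window.location.href for SAMPLE (WHATWG URL rules):
// the apostrophe is percent-encoded in the query but left raw in the fragment.
function locationHref(raw) {
  return new URL(raw).href;
}

// Vulnerable pattern: location string concatenated into a single-quoted attribute.
function renderLinkUnsafe(href) {
  return "<a href='" + href + "'>Retry</a>";
}

// Hardened: HTML-escape every character that can end an attribute value or a tag.
function escapeAttr(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

function renderLinkSafe(href) {
  return "<a href='" + escapeAttr(href) + "'>Retry</a>";
}

// Minimal scanner for this demo: lists the attribute names an HTML parser
// would see in the markup (quoted attribute values only).
function attributeNames(html) {
  const attr = /([^\s"'<>\/=]+)\s*=\s*(?:'[^']*'|"[^"]*")/g;
  return [...html.matchAll(attr)].map((m) => m[1]);
}

const href = locationHref(SAMPLE);
console.log(href);
console.log(attributeNames(renderLinkUnsafe(href))); // href, data-injected
console.log(attributeNames(renderLinkSafe(href)));   // href
```

In browser code, assigning the value through the DOM (for example `link.setAttribute("href", value)`) avoids building markup from strings at all, and a Content Security Policy remains a second layer, as it was here.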

Bounty

The researcher earned $3,133.70 for the DevSite issue and $5,000 for the vulnerability in Google Play.

Speaking to The Daily Swig, they said that they were “happy with the bounty”.

Source: https://portswigger.net/daily-swig/xss-vulnerabilities-in-google-cloud-google-play-could-lead-to-account-hijacks


Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO