Sixt GmbH & Co. Autovermietung KG BBP: Cross domain token leakage via Referer header



News category: Security vulnerabilities
Source: vulners.com


Summary: The password reset link for a user account on the critical sixt+ domain/product can be obtained via the page https://www.sixt.com/php/profile/login_or_password_forgotten. This page requires the user's email address and surname/last name in order to send a password reset link by email. The link carries the reset key/token in the 'k' parameter. A cross-domain token leakage via Referer header vulnerability exists on https://www.sixt.com/php/profile/login_or_password_forgotten: the sensitive password reset token is exposed to third-party social media sites, namely YouTube, Facebook, Twitter, Instagram and Snapchat.

Steps To Reproduce:
1. Obtain a password reset link by email and load the page in a browser, e.g. https://www.sixt.com/php/profile/login_or_password_forgotten?k=
2. On the password reset page, click the social media links and capture the requests with Burp.
3. Observe that the full password reset link is exposed to the third-party sites via the Referer header.

Supporting Material/References: Screenshots of the Burp-captured requests are attached as PoC.

Impact: A further existing vulnerability is that the password reset link is not expired after the password has been changed. The link remains valid for 48 hours and can be used multiple times to change the password of a user account on the critical sixt+ domain/product. In an environment where the password reset link is not expired after a password change, the leakage of the token to third-party hosts becomes a more sensitive vulnerability, as it has a direct impact...


