dekeeu Posted April 16, 2013 Report Posted April 16, 2013 (edited) Title: Meraki Dom XSSSecurity Reward Program : Meraki | Security, Reliability, and PrivacyAffected Product: Meraki Inc.Date: 16.03.2013Severity: MediumStatus: Fixed .POC: Edited April 16, 2013 by dekeeu 2 Quote
Domnul.Do Posted April 16, 2013 Report Posted April 16, 2013 (edited) Te felicit!Chiar am cautat de ceva timp in domeniul respectiv si nu am gasit nimica , dar adevarul este ca nici nu mam gandit la un DOM XSSUpdate: +1 rep Edited April 16, 2013 by Domnul.Do Quote
SticKyWoX Posted April 16, 2013 Report Posted April 16, 2013 Si eu am cautat si nu am gasit nimic Nice job. Quote
Active Members akkiliON Posted April 16, 2013 Active Members Report Posted April 16, 2013 Primul Dom XSS care l-am v?zut vreodat? pe RST )Nice job ! Quote
Active Members akkiliON Posted April 16, 2013 Active Members Report Posted April 16, 2013 (edited) Scuze pentru double-post ! Pentru Information leakage dau recompens? Pentru c? am g?sit !C? eu nu v?d nimic acolo ... Qualifying vulnerabilitiesIt is difficult to provide a definitive list of bugs that will qualify for a reward: any bug that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. Common examples include:Cross-site scriptingCross-site request forgeryCross-site script inclusionMixed scriptingFlaws in authentication and authorization mechanismsServer-side code execution or command injection bugs// Sau m? gândesc c? astea sunt doar câteva exemple cum spun ei(Common examples include) Dac? primesc r?spuns de la ei am s? v? zic ce mi-or zis ! Edited April 16, 2013 by akkiliON Quote
dekeeu Posted April 16, 2013 Author Report Posted April 16, 2013 Raporteaza-l ca n-ai ce pierde, dar vezi ca sunt cam idioti. Un anume tip care le-a raportat niste vulnerabilitati a primit din greseala in plus cateva sute de dolari si ca sa vezi, i-au cerut banii inapoi . Quote
Domnul.Do Posted April 16, 2013 Report Posted April 16, 2013 Raporteaza-l ca n-ai ce pierde, dar vezi ca sunt cam idioti. Un anume tip care le-a raportat niste vulnerabilitati a primit din greseala in plus cateva sute de dolari si ca sa vezi, i-au cerut banii inapoi .Cred ca stiu de cine e vorba , este vorba de Ashar ?Ca sa nu fie un offtopic total:In cand timp ai primit un feedback? Un "human feedback" , nu unu automat. Quote
dekeeu Posted April 16, 2013 Author Report Posted April 16, 2013 Cred ca stiu de cine e vorba , este vorba de Ashar ?Ca sa nu fie un offtopic total:In cand timp ai primit un feedback? Un "human feedback" , nu unu automat.Da, despre el vorbeam.Si primul mail de la ei l`am primit dupa 3 zile. Quote
Active Members akkiliON Posted April 16, 2013 Active Members Report Posted April 16, 2013 Cred ca stiu de cine e vorba , este vorba de Ashar ?Ca sa nu fie un offtopic total:In cand timp ai primit un feedback? Un "human feedback" , nu unu automat.Ast?zi le-am trimis un mesaj !Da, despre el vorbeam.Si primul mail de la ei l`am primit dupa 3 zile.?i o dat banii to?i inapoi sau doar ce a primit în plus ? ) Quote