Reading Time: 3 minutes

Three major XSS issues in 2016

Gábor Pék (CTO, Avatao)

xss

It seems, that XSS is still one of the top vulnerabilites on the web. An attack against Yahoo Mail and various sandbox escape techniques keep this this topic hot. We took the opportunity to prepare a small XSS gift for you for Christmas.

    XSS vulnerability in Yahoo Mail

    This year was really interesting in terms of real use-cases. One of the most recent findings was described by Jouko Pynnönen about a stored XSS vulnerability in Yahoo Mail. According to JP’s blog “The flaw was reported to Yahoo Security via HackerOne on November 12 and fixed on November 29, 2016. Yahoo awarded a bounty of $10,000 for the finding.” In short, an attacker could perform a DOM-based XSS attack via dynamically generated HTML markups controlled by user-supplied values that were not properly sanitized.

      AngularJS

      Another interesting issue was when the AngularJS team decided to remove their “expression sandbox” from AngularJS 1 after reporting escapes for all AngularJS 1 versions. It’s important to emphasize that this sandbox was never intended to provide real protection against XSS attacks. It rather misled developers who kept relying upon it as a security feature.

        Javascript function overrides

        There are other XSS mitigation techniques such as Javascript function overrides, but these also failed to provide long-term XSS protection. A recent blog entry on brutelogic.com suggests to use iframes to bypass the protection provided by “js-override.js”.

          Practice with us!

          You can see that XSS is still hot and it makes total sense to arm yourself against it. Try your skills again by solving our Avatao XmaSS challenge. Enjoy!

          If you like our posts and challenges, follow us on Twitter and Facebook for the most recent updates.

          We wish you a Merry Christmas!

          Related Articles

          Why is Cloud Data Privacy Important?

          Why is Cloud Data Privacy Important?

          Reading Time: 9 minutes The cloud data system has numerous advantages as well as many dangers. 80% of companies have had at least one data breach in the past months.

          Why you need SOC2 compliance as a third party vendor

          Why you need SOC2 compliance as a third party vendor

          Reading Time: 7 minutes Companies understand the way you handle data security has a direct impact on their bottom lines. This has led to most companies requiring all vendors to have a special compliance certificate called an SOC2.

          Hacktivity 2021 – Our experiences

          Hacktivity 2021 – Our experiences

          Reading Time: 7 minutes Our team attended Hacktivity, the biggest IT security conference in Central and Eastern Europe – a whole day full of interesting presentations and workshops. Click to see how we liked it!