Saturday, July 18, 2009

MoTB #18: Persistent XSS vulnerability in tr.im

What is tr.im
"tr.im is an established URL shortening service that prepares great-looking short URLs for services like Twitter. If you send URLs out on Twitter, tr.im is not only the best name, it is one of the shortest." (tr.im about page)


Twitter effect
tr.im can be used to send tweets with the shortened URLs through a form on their website.
tr.im is using OAuth authentication method in order to utilize the Twitter API.


Popularity rate
Yet another Twitter shortening service. Not as popular as others in this market - 2 twits


Vulnerability: Persistent Cross-Site Scripting in the tr.im Referrer statistics page.
Status: Unpatched.
Details: tr.im does not HTML-encode the referrer URLs it stores and displays on the statistics page.
Since the Referer header is fully under the control of whoever makes the request, an attacker can easily manipulate it and inject scripts into the page.
This vulnerability can be used by an attacker to send tweets on behalf of the victims who view the page.
This vulnerability was submitted by Mike Bailey.
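The defect described above is a missing output-encoding step when stored, attacker-controlled Referer values are rendered. The following Python snippet is an added illustration (not tr.im's code) of a referrer statistics renderer in both its vulnerable and hardened forms; the function names, the sample referrer list and the `is_safe_link` check are assumptions for the example.

```python
import html
from urllib.parse import urlsplit

# Constructed sample of stored Referer values, the way a statistics page
# like the one in the post might have recorded them. The last entry carries
# a script tag, i.e. attacker-controlled input of the kind described above.
SAMPLE_REFERRERS = [
    "http://twitter.com/home",
    "http://example.org/blog?post=12&lang=en",
    "http://evil.example/<script>alert(1)</script>",
]


def is_safe_link(url):
    """Only http/https URLs with a host become clickable anchors.
    Anything else is rendered as plain (escaped) text, never as a link."""
    parts = urlsplit(url)
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def render_referrer_row_vulnerable(url, hits):
    # The defect from the post: the raw referrer string is concatenated
    # into the HTML without any encoding, so markup inside it is executed.
    return f'<tr><td><a href="{url}">{url}</a></td><td>{hits}</td></tr>'


def render_referrer_row(url, hits):
    # Hardened form: encode for both the attribute and text contexts
    # (quote=True also escapes " and '), and refuse to link non-http(s) values.
    text = html.escape(url, quote=True)
    if is_safe_link(url):
        return f'<tr><td><a href="{text}">{text}</a></td><td>{hits}</td></tr>'
    return f"<tr><td>{text}</td><td>{hits}</td></tr>"


def render_stats_page(stats, row_renderer=render_referrer_row):
    """Render (referrer, hit count) pairs as a table using the given row renderer."""
    rows = "\n".join(row_renderer(url, hits) for url, hits in stats)
    return f"<table>\n{rows}\n</table>"


if __name__ == "__main__":
    stats = [(u, i + 1) for i, u in enumerate(SAMPLE_REFERRERS)]
    print("vulnerable:\n" + render_stats_page(stats, render_referrer_row_vulnerable))
    print("\nhardened:\n" + render_stats_page(stats))
```

Running the block prints the same data twice: in the vulnerable table the injected `<script>` element survives intact, while in the hardened table it appears as literal `&lt;script&gt;` text. Encoding at the point of output is what matters here; the stored value itself can stay untouched, which also keeps the statistics accurate.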
Screenshot:



Vendor response rate
The vendor did not respond to any of the emails I sent during the past week - 0 twits.
