XSS on Flickr

Howdy friends,

Today I’m going to show you how I found an XSS vulnerability on Flickr. I’ve been spending time lately playing with Flickr.

First, as usual, I created a Flickr group with some random words: <"lol">
To my bad luck, there was filtering.

Then I started digging into that, and I found a way to execute my JavaScript.

Steps:

  1. Create a group with the name <img src=x onerror=prompt(1)>"
  2. Add someone to the group.
  3. When the user clicks on leave group, the XSS will prompt.


Note: As I told you, there was filtering, but when a user tries to leave that group the filtering does not work and the XSS gets executed.
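The note above describes one stored value reaching two views, with encoding applied in only one of them. The sketch below is an added example, not code from the original post or from Flickr; the function names and markup are hypothetical, and only the group name comes from the steps above.

```javascript
// Added illustration; function names and markup are hypothetical, not Flickr's code.

// Encode the five HTML-significant characters for element and attribute context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// View 1: group page header. Encoding is applied here, so the name renders as text.
function renderGroupHeader(groupName) {
  return `<h1 class="group-title">${escapeHtml(groupName)}</h1>`;
}

// View 2 (before): leave-group dialog built by raw concatenation.
// The same stored name reaches an HTML sink with no encoding.
function renderLeaveDialogUnsafe(groupName) {
  return `<div class="dialog"><p>Leave ${groupName}?</p></div>`;
}

// View 2 (after): same sink, same encoder as every other view.
function renderLeaveDialogSafe(groupName) {
  return `<div class="dialog"><p>Leave ${escapeHtml(groupName)}?</p></div>`;
}

// Regression check: true if the stored value survives into the markup un-encoded.
function rendersRawMarkup(html, storedValue) {
  return /[<>"]/.test(storedValue) && html.includes(storedValue);
}

// Group name taken from the steps above.
const storedName = '<img src=x onerror=prompt(1)>"';

const views = {
  header: renderGroupHeader(storedName),
  leaveUnsafe: renderLeaveDialogUnsafe(storedName),
  leaveSafe: renderLeaveDialogSafe(storedName),
};
for (const [view, html] of Object.entries(views)) {
  console.log(view, rendersRawMarkup(html, storedName) ? 'RAW' : 'encoded', html);
}
```

Running a check like `rendersRawMarkup` against every template that prints a user-controlled field catches the view that was missed, which input-side filtering alone does not.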


It was reported to Yahoo, and after 10 days I got a reply from them: “Triaged”. After some more days they rewarded me with $400 for this finding :v
And they put my name on their hall of fame page.

Yahoo Hall Of Fame


Thanks to Yahoo security team.

Time-line: 
05. Sept 2014 - Vulnerability reported. 
06. Sept 2014 - Need More Info. 
06. Sept 2014 - Provided more info. 
08. Sept 2014 - Need More Info. 
09. Sept 2014 - Provided More Info. 
15. Sept 2014 - Bug Triaged. 
01. Oct 2014 - Vulnerability fixed :D (That was pretty fast!)
 

shubhamgupta

 
