How Did I Easily Find Stored XSS at Apple and Earn $5000?

Crypto
3 min read · Apr 13, 2024

Hello there! Today we’ll talk about a stored XSS which I found in Apple. Without further ado, let’s get into it!

Apple Sec.

First of all, our vulnerable Apple service was: https://discussions.apple.com

This service is a community where Apple users and developers discuss their problems. If you register here, you can create a profile for yourself and help others or get help from them!

My Apple Discussions Account
It Was My Profile

Now let’s look at a simple example profile.

This is a simple profile that I have prepared for you. As you can see, you can edit the “Location” and “Bio” sections as you wish.

What If We Use an XSS Payload?

Hmm

The payload that will be used is:

"><svg/onload=alert(1)>

We’ll place this payload in the “Location” section of our Apple profile and take a look at the result together!

XSS

As you can see, this is a Stored XSS vulnerability that is very easy to exploit! Cookies of users and employees could be stolen, and it was very easy to achieve that this way!
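The fix for this class of bug is output encoding at render time. The added example below is not from the original post and is not Apple's code: it assumes the stored "Location" value is written into a quoted HTML attribute (which the `">` prefix of the payload suggests), and the function names are hypothetical.

```javascript
// Added example: hypothetical profile-rendering helpers, not Apple's code.
// Assumption: the stored "Location" value lands inside a quoted attribute.

const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode every character that can end an attribute value or open a tag.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored value is concatenated into the markup as-is,
// so a leading "> closes the attribute and the tag, and the rest is parsed as HTML.
function renderLocationUnsafe(location) {
  return '<input name="location" value="' + location + '">';
}

// Hardened pattern: the same template, with the value encoded on output.
function renderLocationSafe(location) {
  return '<input name="location" value="' + escapeHtml(location) + '">';
}

// Review helper: list the element names that appear as real markup.
function tagsIn(html) {
  return [...html.matchAll(/<([a-zA-Z][a-zA-Z0-9]*)/g)].map((m) =>
    m[1].toLowerCase()
  );
}

// The value from the article, as it would sit in the database.
const stored = '"><svg/onload=alert(1)>';

console.log(renderLocationUnsafe(stored), tagsIn(renderLocationUnsafe(stored)));
console.log(renderLocationSafe(stored), tagsIn(renderLocationSafe(stored)));
```

With encoding applied, the browser sees the whole string as the attribute's text value and no `svg` element is created. Setting session cookies `HttpOnly` additionally keeps them out of reach of script if an encoding step is ever missed.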

:-o

As soon as I found something like this, I immediately contacted Apple Security via e-mail. At the end of our 3-month process, I received an e-mail like the one below and I was rewarded!

$5000
Yuppi

This is how I got the XSS vulnerability in Apple in a very easy way and completed it with great success! I leave you with Apple’s Hall Of Fame list and my position on the list below.

https://support.apple.com/en-us/102812 (June 2022) (@xrypt0)

Thank you for reading this far and paying attention. See you in future articles!

bb

Crypto (@xrypt0)
