Thursday 17 April 2014

Olark Online Website Unvalidated Redirects and Forwards Vulnerability - 0day Bug

"“Olark is the most beautiful and effective way to talk to your customers for sales and support. And we make it super easy for you! Solve customers' problems before they have a chance to click away. Give them the answers they need immediately and gain powerful insights about what they want for relationships that last. Olark has powerful features to give you access to visitors and their behaviors. Make your business (and your site) look good and keep customers coming back. Olark was founded in 2009 by Ben Congleton, Matt Pizzimenti, Roland Osborne and Zach Steindler. Initially funded by seed accelerator Y Combinator, Olark has gone on to profitable success by providing a compelling product and amazing service. We believe the world is a better place when people help each other out. That’s why you’ll find any one of our team members answering your chat. It’s what we love to do. Olark is headquartered in the arboreal oasis of South Park, in San Francisco. We also have an office in Ann Arbor, MI, our "hometown", as well as employees across the US, Canada, Brazil and the U.K.”






Tests were performed on Microsoft IE (9 9.0.8112.16421) of Windows 8, Mozilla Firefox (37.0.2) & Google Chromium 42.0.2311 (64-bit) of Ubuntu (14.04.2),and Apple Safari 6.1.6 of Mac OS X v10.9 Mavericks.





(1) Use one of webpages for the following tests. The webpage address is “http://www.tetraph.com/essaybeans/reflections/solitude.html“.  Can suppose that this webpage is malicious.




Reporter:
Wang Jing, Division of Mathematical Sciences (MAS), School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore. (@justqdjing)



No comments:

Post a Comment