Bug 580118 - Reflected XSS On isencia.com
Summary: Reflected XSS On isencia.com
Status: RESOLVED NOT_ECLIPSE
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: Vulnerability Reports
Version: unspecified
Hardware: Other Linux
Importance: P3 major
Target Milestone: ---
Assignee: Security vulnerabilities reported against Eclipse projects CLA
QA Contact:
URL:
Whiteboard:
Keywords: security
Depends on:
Blocks:
 
Reported: 2022-06-09 09:38 EDT by Naeem Ahmed Sayed CLA
Modified: 2022-06-09 12:52 EDT

See Also:


Attachments
Google Results (309.71 KB, image/jpeg)
2022-06-09 09:38 EDT, Naeem Ahmed Sayed CLA

Description Naeem Ahmed Sayed CLA 2022-06-09 09:38:56 EDT
Created attachment 288571
Google Results

Hello Team,

Today, when I was dorking on Shodan, I found this IP, 18.203.220.6, and this IP belongs to isencia.com.

When I search Google for "isencia.com bug report", the Google results show me "ISencia | The Eclipse Foundation".

Here is my search query:
https://www.google.com/search?q=isencia.com+bug+report&ei=wfigYujqBvb04-EP3IOS2AY&oq=isencia.com+bug+report&gs_lcp=ChNtb2JpbGUtZ3dzLXdpei1zZXJwEAMyBQghEKABOgcIIRAKEKABSgQIQRgBUJR-WI6YAWDkmQFoAXAAeACAAdwBiAHGD5IBBTAuOS4ymAEAoAEBwAEB&sclient=mobile-gws-wiz-serp#sbfbu=1&pi=isencia.com%20bug%20report

I'm not sure whether this domain is owned by Eclipse or not, but I want to share it with you.

Steps to reproduce:

Visit this URL:
https://18.203.220.6/pages/includes/status-list-mo%3Ciframe%20src%3D%22javascript%3Aalert%28document.domain%29%22%3E.vm

You can see the XSS pop-up.

Best Regards
Naeem Ahmed Sayed
Comment 1 Wayne Beaton CLA 2022-06-09 12:52:10 EDT
This is not our site.