Web Application Security
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Shopify (Bug Bounty) - XML External Entity Vulnerability Feb 17 2014 08:10AM
Mark Litchfield (mark securatary com)
Shopify suffered from an XXE attack within their online stores domain -
*.myshopify.com

They were extremely quick in confirming and fixing the issue (even
though it was a Sunday).

Full details with the usual screen shots can be found at
http://www.securatary.com

--
All the best

Mark Litchfie...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus