The Infobae website suffers from multiple cross-site scripting vulnerabilities. The author has received no response from them.
ADVISORY INFORMATION
===================
Title: Multiple Reflected XSS vulnerabilities in Infobae Website
Date published: 2016-20-05
Vendors contacted: No answer received
Vendors website: https://www.infobae.com/
Discovered by: Joel Noguera [Independent Security Researcher]
Severity: Medium
AFFECTED PRODUCT
===================
Infobae is the website of a famous newspaper from Argentina. It is well
known and has thousands of readers per day.
Infobae : https://www.infobae.com/
TECHNICAL DESCRIPTION / PROOF OF CONCEPT
===================
The application does not correctly validate the URL once it is submitted,
so an attacker can inject malicious JavaScript into the code.
The vulnerability is located in the pages:
- https://www.infobae.com/temas/[-PAYLOAD-]
- https://www.infobae.com/temas/[-PAYLOAD-]
This could be exploitable with the following examples:
- https://search.infobae.com/');alert(document.cookie);document.write('
- https://www.infobae.com/temas/');alert(document.cookie);document.write('
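Added example (not from the original advisory, and not Infobae's code): the payloads above close a single-quoted JavaScript string, so this code assumes the path segment is echoed into an inline script and contrasts raw concatenation with context-aware encoding plus an allow-list check. The names `trackTopic`, the slug pattern and the `news.example` host are hypothetical.

```javascript
// Added example, not the site's code. Assumption: the path segment is echoed
// inside a single-quoted JS string in an inline script, e.g. trackTopic('...').

// Vulnerable pattern: raw concatenation into a JS string literal.
function renderVulnerable(segment) {
  return "<script>trackTopic('" + segment + "');</script>";
}

// Encode a value as a JS string literal that is safe inside an HTML <script>.
// JSON.stringify escapes double quotes, backslashes and control characters;
// the extra pass escapes characters that could end the script element
// ("</script>", "<!--"), single quotes, and U+2028/U+2029.
function jsStringLiteral(value) {
  return JSON.stringify(String(value)).replace(
    /[<>&'\u2028\u2029]/g,
    (c) => "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0")
  );
}

// Hardened pattern: emit the whole encoded literal, quotes included.
function renderHardened(segment) {
  return "<script>trackTopic(" + jsStringLiteral(segment) + ");</script>";
}

// Allow-list validation, applied before rendering.
// Assumption: legitimate topic slugs are letters, digits and hyphens.
function isValidTopicSlug(segment) {
  return /^[a-z0-9-]{1,80}$/i.test(segment);
}

// Extract and decode the segment after /temas/ from a request URL.
function topicSegment(url) {
  const path = new URL(url).pathname;
  return decodeURIComponent(path.replace(/^\/temas\//, ""));
}

// Constructed request: hypothetical host, payload string from the advisory.
const SAMPLE =
  "https://news.example/temas/');alert(document.cookie);document.write('";

function demo() {
  const segment = topicSegment(SAMPLE);
  return {
    segment,
    valid: isValidTopicSlug(segment),
    vulnerable: renderVulnerable(segment),
    hardened: renderHardened(segment),
  };
}
```

In the hardened output the segment stays a single string argument, and the allow-list rejects the request before any rendering happens.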
IMPACT
===================
An anonymous attacker can inject malicious JS code in a crafted request to
hijack session data of administrators or users of the web resource.
DISCLOSURE TIMELINE
===================
4 May - Discovered vulnerability, initially notified vendor
16 May - Contacted again - no response
20 May - Checked the vulnerability and it had been fixed.
20 May - Public Disclosure
DISCLAIMER
===================
The information contained within this advisory is supplied "as-is" with
no warranties or guarantees of fitness of use or otherwise.
I accept no responsibility for any damage caused by the use or misuse of
this information.
CREDITS
===================
Joel Noguera as independent Security Researcher.
- Linkedin: https://ar.linkedin.com/in/noguerajoel/en
- Twitter: @niemand_sec
- Email: niemand.sec@gmail.com