Tuesday, March 23, 2010

Capgemini CTO Blog Cross-Site Scripting (XSS)

+++About Capgemini+++
A global leader in consulting, technology, outsourcing, and local professional services (http://www.capgemini.com/about/)

+++Affected URL(s)+++

+++Vulnerable Parameter / Function+++


Capgemini Ist Notified: February 18, 2010
Capgemini IInd Notification: March 02, 2010
Response Received: March 02, 2010
Detailed Info Emailed: March 03, 2010
Current Status: Fixed (As of today, March 23, 2010)

Thanks to Richard Fahey @capgemini for his quick response on resolving this issue.

Best Regards.

Tuesday, March 2, 2010

TVS Star City Cross-Site Scripting (XSS)

+++About TVS Automobiles+++
A Leading automobile company with popular products as TVS Apache, Star City etc having operations in India.

+++Affected URL(s)+++
All website URLs which are using the vulnerable parameter. For example:


+++Vulnerable Parameter(s)+++


Best Regards.

Monday, March 1, 2010

Gulf Business Machines Cross-Site Scripting (XSS)

+++About GBM+++
Founded in 1990, Gulf Business Machines (GBM) is the leading IT solutions providers in the region fulfilling the IT requirements of local, regional and international organisations in the GCC.

A spin-off from IBM, GBM is the sole distributor for IBM 'excluding selected IBM products and services' throughout the GCC, except for Saudi Arabia.

+++Affected URL(s)+++
All website URLs which are using the vulnerable parameter. For example:


and more ...

+++Vulnerable Parameter(s)+++


IBM first notified: February 18, 2010
Response: None till date
Public Disclosure: March 01, 2010

Best Regards.


The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.