FIREYE.COM 0DAY SOLARWINDS I DID IT 4 MONTHS AGO

I know how they broke into ur site. I tried to send your team the patch 4 months ago I was met with hostility from ur very own RedTeam. I have already 0day'd ur company. Now I see ur info being ransomed for 50k. In case I kept the 0day reports as well as I planned on since the hostility I was gonna leak the Walkthru of the solarwinds attack. Anyways I seriously doubt ur company gives two shots about ur customer base as I found the dev portal where ur devs are talking and basically saying fuck the customers. Ur level 3 data breach is a serious one and could of been avoided had your team not been hostile with GhostSec.


Location
https://mil-betacloud.fireeye.com/
Server
BigIP. =. 0Day
Connection
Keep-Alive

https://console.us.fireeye.com/libs/misc/polyfill.js?build=2.0.0_342

Even ur logo is misconfigured.

https://sjc.training.fireeye.com/assets/FireEye-9dcedd1cad96eac352ae97a540e7686c72ed45569eece3351f5f94cd7ae5b921.png

https://ork.selabs.fireeye.com/

The sso is the weak point your sharing all your files and tools.

https://ork.selabs.fireeye.com/bootstrap/css/bootstrap.min.css

1	CVE-2019-8331	79		XSS	2019-02-20	2019-06-11	4.3	None	Remote	Medium	Not required	None	Partial	None
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
2	CVE-2018-20677	79		XSS	2019-01-09	2019-06-11	4.3	None	Remote	Medium	Not required	None	Partial	None
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
3	CVE-2018-20676	79		XSS	2019-01-09	2019-06-11	4.3	None	Remote	Medium	Not required	None	Partial	None
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
4	CVE-2016-10735	79		XSS	2019-01-09	2019-06-11	4.3	None	Remote	Medium	Not required	None	Partial	None
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Total number of vulnerabilities : 4