Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- I know how they broke into ur site. I tried to send your team the patch 4 months ago I was met with hostility from ur very own RedTeam. I have already 0day'd ur company. Now I see ur info being ransomed for 50k. In case I kept the 0day reports as well as I planned on since the hostility I was gonna leak the Walkthru of the solarwinds attack. Anyways I seriously doubt ur company gives two shots about ur customer base as I found the dev portal where ur devs are talking and basically saying fuck the customers. Ur level 3 data breach is a serious one and could of been avoided had your team not been hostile with GhostSec.
- Location
- https://mil-betacloud.fireeye.com/
- Server
- BigIP. =. 0Day
- Connection
- Keep-Alive
- https://console.us.fireeye.com/libs/misc/polyfill.js?build=2.0.0_342
- Even ur logo is misconfigured.
- https://sjc.training.fireeye.com/assets/FireEye-9dcedd1cad96eac352ae97a540e7686c72ed45569eece3351f5f94cd7ae5b921.png
- https://ork.selabs.fireeye.com/
- The sso is the weak point your sharing all your files and tools.
- https://ork.selabs.fireeye.com/bootstrap/css/bootstrap.min.css
- 1 CVE-2019-8331 79 XSS 2019-02-20 2019-06-11 4.3 None Remote Medium Not required None Partial None
- In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
- 2 CVE-2018-20677 79 XSS 2019-01-09 2019-06-11 4.3 None Remote Medium Not required None Partial None
- In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
- 3 CVE-2018-20676 79 XSS 2019-01-09 2019-06-11 4.3 None Remote Medium Not required None Partial None
- In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
- 4 CVE-2016-10735 79 XSS 2019-01-09 2019-06-11 4.3 None Remote Medium Not required None Partial None
- In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
- Total number of vulnerabilities : 4
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement