Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

Editorial_Staff_Team's picture

Shopify - Embed POST Inject Vulnerability

Vulnerability Lab found a Persistent Embed POST inject Vulnerability in the official shopify.com web application. The vulnerability allows attackers to create a "Buy Button" including malicious code. By embeding this button on an external page or if the button is displayed within the shopify market the code gets executed.

POC Video: Shopify Bug Bounty - (Buy Button) Persistent Embed POST Inject Vulnerability

Reference(s):

http://www.vulnerability-lab.com/get_content.php?id=1556

Rate this article: 
Average: 5 (4 votes)

Comments

Jelly Gamat Gold-G's picture

Good quality and also it's website,interesting place to visit. Thank you!

Jelly Gamat Gold-G's picture

I appreciate everything you have added to my knowledge base.Admiring the time and effort you put into your magazine and detailed information you offer.Thanks

Jelly Gamat Gold-G's picture

Glad I could visit this blog. No tired of her constantly listening to the articles that you write. Keep the spirit

Jelly Gamat Gold-G's picture

an article which you discourse in indeed very useful, thank you so much

Jelly Gamat Gold-G's picture

I really appreciate this blog, because the blog is so interesting and useful for me

Jelly Gamat Gold-G's picture

Regular visits to this blog, I am happy to listen to all your articles.

Agen Green World's picture

I don't know how often I visit this blog. What I know this blog is very useful to add to my knowledge. Thank you so much.

Jay's picture

I discovered your website by means of Google while searching for a related topic, your website got here up. It appears good. I have bookmarked it in my google bookmarks to come back then.

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.