XSPA / SSRF Vulnerability with the Adobe Omniture Web Application

This is a video demonstrating the XSPA / SSRF vulnerability that I discovered in Adobe's Omniture Web Application back in November 2012 while writing a paper for BlackHat2012 AD. This was a typical XSPA / SSRF bug that allowed, amongst other things, port scanning of Internet-facing servers using Adobe's machines, reading local files using the file:// protocol, and detecting internal machines and the services running on them.
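As an added example (not Adobe's fix and not code from the original post), the server-side checks a fetch feature needs in order to close the three abuses listed above: a scheme allowlist that refuses file://, rejection of any target resolving to a loopback, private or link-local address, and a port allowlist so the fetcher cannot be turned into a port scanner. The function names and the injectable `resolver` hook are assumptions made for offline testing.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}   # file://, gopher://, etc. are refused
ALLOWED_PORTS = {80, 443}             # no arbitrary ports: no port scanning


def default_resolver(host):
    """Every address the host resolves to (IPv4 and IPv6). Hypothetical helper."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def is_public_address(addr):
    """True only for globally routable addresses; loopback, RFC1918,
    link-local (incl. 169.254.169.254), multicast and reserved are rejected."""
    ip = ipaddress.ip_address(addr)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_fetch_target(url, resolver=default_resolver):
    """Return (allowed, reason) for a user-supplied URL before fetching it."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {scheme or '(none)'}"
    if not parts.hostname:
        return False, "missing host"
    try:
        port = parts.port or (443 if scheme == "https" else 80)
    except ValueError:
        return False, "invalid port"
    if port not in ALLOWED_PORTS:
        return False, f"port not allowed: {port}"
    # Resolve literal IPs and DNS names alike, so a hostname that points
    # at 127.0.0.1 or 10.x.x.x is caught exactly like the literal address.
    try:
        addrs = resolver(parts.hostname)
    except (socket.gaierror, OSError) as exc:
        return False, f"resolution failed: {exc}"
    if not addrs:
        return False, "no address for host"
    for addr in addrs:
        try:
            if not is_public_address(addr):
                return False, f"non-public address: {addr}"
        except ValueError:
            return False, f"unparseable address: {addr}"
    return True, "ok"
```

The check is only as good as the connection that follows it: the fetch must connect to the address that was validated (pin it, and re-run the check on every redirect), otherwise a DNS answer that changes between check and connect slips past.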

Adobe has now fixed this issue and listed me on Adobe's Acknowledgement page for Security Researchers.

More on SSRF / XSPA:
http://cwe.mitre.org/data/definitions/918.html
http://www.riyazwalikar.com/2012/11/cross-site-port-attacks-xspa-part-1.html

Video: http://www.youtube.com/watch?v=OLLFgJ5OQj0
Comments and feedback are welcome!