Yasin Soliman

I'm Yasin, a security analyst and OSCP from the UK, interested in web application testing and red team operations. This is my personal blog for sharing research findings.


Advisories and acknowledgements

Advisories

Project maintainers have issued the following disclosures in response to specific remediated vulnerabilities of note.

Web applications

Product | Disclosure Date | Issue | CVE
GitLab (8.16.5) | February 15th 2017 | Stored XSS via markup languages (blog post) | N/A
GitLab (9.0.2) | March 30th 2017 | Private group name disclosure | N/A
GitLab (9.0.4) | March 30th 2017 | Open redirect via import | N/A
WordPress (4.8.2) | September 19th 2017 | Open redirect via user and term edit screens | CVE-2017-14725
GitLab (10.0.4) | October 18th 2017 | Stored XSS via Markdown parser bypass | N/A
BuddyPress (2.9.2) | November 2nd 2017 | Open redirect via extended user edit screen | N/A

Packages and libraries

Package | Disclosure Date | Issue(s) | CVE
geminabox (0.13.10) | November 13th 2017 | Stored XSS via Gemspec homepage URL injection | CVE-2017-16792
gemirro (0.15.0) | November 15th 2017 | Stored XSS via Gemspec homepage URL injection | CVE-2017-16833
Various NPM packages | December 2017 | Static web server directory traversal; reflected XSS | N/A
RubyGems (2.7.6) | December 2017 | Stored XSS in gem server via Gemspec URL injection | N/A

Acknowledgements

The following organisations have publicly* acknowledged my responsible disclosure and vulnerability research efforts. Follow my activities on HackerOne, Bugcrowd, and the Google VRP to keep updated with new findings.

Year (first recognised) | Organisations
2016 | Ubiquiti Networks, General Motors, Hootsuite, Netflix, Instacart, Constant Contact, Xero, OwnCloud, Coursera, Shopify, GlassWire, Skyport Systems, and Legal Robot
2017 | GitHub, Recorded Future, Sourceforge, Uber, Automattic, Dell, AOL, Sophos, Auto Trader, Envato, DigitalOcean, New Relic, Yahoo, Informatica Corporation, AT&T, Bosch, Etsy, Twitter, Mozilla (Firefox & Web Services), Algolia, Snapchat, Harvest, Plotly, Artsy, WordPress, Google, Imgur, and more...
2018 | GrabTaxi and Facebook

*Recognition from invitation-only bug bounty engagements and private programs is not included in the lists above.