google / csp-evaluator

https://csp-evaluator.withgoogle.com
Apache License 2.0

Remove appcenter.intuit.com #45

Closed ccloes closed 2 years ago

ccloes commented 2 years ago

This endpoint has been patched and is no longer vulnerable.

ccloes commented 2 years ago

@lweichselbaum is this something that you would review?

ddworken commented 2 years ago

While that specific endpoint no longer works, it looks like there are still other JSONP endpoints on appcenter.intuit.com. For example, `https://appcenter.intuit.com/Connect/ShowIntroMessageJSONP?callback=alert(0);foo`. Before removing appcenter.intuit.com from this list we'd want to ensure there are no more JSONP endpoints on appcenter.intuit.com.
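An added example, not part of this thread and not csp-evaluator's own code: it shows what keeping a host on a JSONP list means for a policy author, by flagging `script-src` sources that cover a listed host. The list format, function names and sample policies are assumptions; only `appcenter.intuit.com` comes from the thread, and the match is on host only, ignoring paths.

```javascript
// Hosts assumed to serve JSONP (constructed list; one entry taken from the thread).
const JSONP_HOSTS = ['appcenter.intuit.com'];

// Parse a CSP header value into a map of directive name -> source list.
function parseCsp(policy) {
  const directives = Object.create(null);
  for (const part of policy.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored by browsers; the first occurrence wins.
    if (!(name in directives)) directives[name] = tokens.slice(1);
  }
  return directives;
}

// Return the host part of a host-source, or null for keywords and bare schemes.
function hostOf(source) {
  if (source.startsWith("'") || /^[a-z][a-z0-9+.-]*:$/i.test(source)) return null;
  const m = source.match(/^(?:[a-z][a-z0-9+.-]*:\/\/)?([^\/:]+)/i);
  return m ? m[1].toLowerCase() : null;
}

// Does a CSP host pattern ("*", "*.example.com", "example.com") cover host?
function hostMatches(pattern, host) {
  if (pattern === '*') return true;
  if (pattern.startsWith('*.')) return host.endsWith(pattern.slice(1));
  return pattern === host;
}

// List script sources in the policy that allow loading from a listed JSONP host.
function findJsonpBypasses(policy) {
  const d = parseCsp(policy);
  const sources = d['script-src'] || d['default-src'] || [];
  // With 'strict-dynamic', browsers ignore host-based allowlist entries.
  if (sources.some((s) => s.toLowerCase() === "'strict-dynamic'")) return [];
  const findings = [];
  for (const source of sources) {
    const pattern = hostOf(source);
    if (pattern === null) continue;
    for (const host of JSONP_HOSTS) {
      if (hostMatches(pattern, host)) findings.push({ source, jsonpHost: host });
    }
  }
  return findings;
}
```
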

ccloes commented 2 years ago

Let me get back to the team and report back. Thank you for your reply.

ccloes-intuit commented 2 years ago

@ddworken We have gone through that endpoint and can confirm that ShowIntroMessageJSONP is no longer vulnerable as well. We have queried for all other JSONP endpoints and show no others (than these two). Thank you for pointing it out.

Please let us know if there is anything else you need from us on this.