Shopify suffered from an XXE attack within their online stores domain -
*.myshopify.com
They were extremely quick in confirming and fixing the issue (even
though it was a Sunday).
Full details with the usual screen shots can be found at
http://www.securatary.com
--
All the best
Mark Litchfield
http://www.securatary.com
Twitter - http://twitter.com/securatary
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
*.myshopify.com
They were extremely quick in confirming and fixing the issue (even
though it was a Sunday).
Full details with the usual screen shots can be found at
http://www.securatary.com
--
All the best
Mark Litchfield
http://www.securatary.com
Twitter - http://twitter.com/securatary
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/