resolved
Non-Production API Endpoints for the DocumentDB Elastic Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration
Bug reported by Nick Frichette (Datadog) was disclosed on March 11, 2025, 11:47 pm | Insufficient Logging
The DocumentDB Elastic service was found to have three non-production API endpoints that accepted standard IAM credentials but did not log the calls to CloudTrail. This allowed silent permission enumeration: an adversary could probe what a set of compromised credentials was allowed to do without leaving a trail for defenders to detect.
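The defensive lesson of this report is that absence of a CloudTrail event is not evidence that a call was never made. The following added example (not part of the report or of Datadog's tooling) shows the check a red team or detection engineer can run: compare the list of API calls an assessment script recorded itself making against the CloudTrail events that were actually delivered, and report the calls that left no record. Both inputs are constructed samples; the `docdb-elastic` event source name and the `HypotheticalUnloggedAction` action are assumptions for illustration, not the endpoints named in the report.

```python
"""Added example: find API calls that produced no CloudTrail record.

Inputs are constructed samples, not real account data.
"""
import json
from datetime import datetime, timedelta

# Constructed: calls an assessment script logged as it made them
# (service, action, UTC timestamp).  The last action is hypothetical.
ATTEMPTED_CALLS = [
    ("sts", "GetCallerIdentity", "2025-03-01T10:00:00Z"),
    ("s3", "ListBuckets", "2025-03-01T10:00:05Z"),
    ("docdb-elastic", "ListClusters", "2025-03-01T10:00:10Z"),
    ("docdb-elastic", "HypotheticalUnloggedAction", "2025-03-01T10:00:15Z"),
]

# Constructed CloudTrail records using the real event field names
# (eventSource, eventName, eventTime).  The fourth call has no record.
CLOUDTRAIL_EVENTS = json.loads("""[
 {"eventSource": "sts.amazonaws.com", "eventName": "GetCallerIdentity",
  "eventTime": "2025-03-01T10:00:01Z"},
 {"eventSource": "s3.amazonaws.com", "eventName": "ListBuckets",
  "eventTime": "2025-03-01T10:00:06Z"},
 {"eventSource": "docdb-elastic.amazonaws.com", "eventName": "ListClusters",
  "eventTime": "2025-03-01T10:00:11Z"}
]""")


def _parse(ts: str) -> datetime:
    """Parse the ISO-8601 UTC timestamp format CloudTrail uses."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def unlogged_calls(attempted, events, window_seconds=60):
    """Return the (service, action) pairs in `attempted` for which no
    CloudTrail event with the same source and name exists within
    `window_seconds` of the attempt.  Eventual delivery means a short
    window produces false positives; widen it for a real trail."""
    window = timedelta(seconds=window_seconds)
    missing = []
    for service, action, ts in attempted:
        t = _parse(ts)
        matched = any(
            ev["eventSource"] == f"{service}.amazonaws.com"
            and ev["eventName"] == action
            and abs(_parse(ev["eventTime"]) - t) <= window
            for ev in events
        )
        if not matched:
            missing.append((service, action))
    return missing


if __name__ == "__main__":
    for service, action in unlogged_calls(ATTEMPTED_CALLS, CLOUDTRAIL_EVENTS):
        print(f"no CloudTrail record for {service}:{action}")
```

Run the same comparison against a real trail with the assessment's own call log as the left-hand side; any gap that persists after CloudTrail's delivery delay is a logging blind spot worth raising with the provider.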
resolved
CSRF to Reflected XSS at echo.urbandictionary.biz via spoofing content type
Bug reported by Osama Hamad was disclosed on March 11, 2025, 9:40 pm | Cross-site Scripting (XSS) - Stored
The host reflected the body of any POST request sent to a path ending in .html, whether or not that file existed, and served the response with an HTML content type derived from the extension. Because a cross-site form submission can supply that POST body, the behaviour turned a CSRF vector into reflected XSS.
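The pattern behind this bug is a server that chooses the response content type from the requested path rather than from the resource it actually serves. The following added example is a reconstruction for illustration, not the site's own code: `vulnerable_response` reproduces the described behaviour, `hardened_response` shows the fix, and `csrf_poc_form` builds the kind of cross-site auto-submitting form that delivers the POST body (the `text/plain` form encoding is a standard browser feature; the target URL is a placeholder).

```python
"""Added example: content type chosen from the path vs. from the resource.

Reconstruction for illustration; not the affected site's code.
"""
import html
import mimetypes
from http import HTTPStatus


def vulnerable_response(path: str, body: bytes):
    """Reflects the POST body and picks Content-Type from the requested
    path's extension, so POSTing to /anything.html (even a file that
    does not exist) turns the body into an HTML document."""
    ctype, _ = mimetypes.guess_type(path)
    return HTTPStatus.OK, ctype or "application/octet-stream", body


def hardened_response(path: str, body: bytes, known_paths=frozenset()):
    """Never echoes the request body as-is.  Unknown paths get a fixed
    text/plain 404; if a diagnostic page must show the body, it is
    HTML-escaped and still served as text/plain."""
    if path not in known_paths:
        return HTTPStatus.NOT_FOUND, "text/plain; charset=utf-8", b"not found"
    shown = html.escape(body.decode("utf-8", "replace")).encode("utf-8")
    return HTTPStatus.OK, "text/plain; charset=utf-8", shown


def csrf_poc_form(target_url: str, payload: str) -> str:
    """Cross-site page that POSTs `payload` as the request body.  With
    enctype text/plain the browser sends the field name nearly verbatim
    (as `name=value`), so markup in the name survives into the body.
    `target_url` is a placeholder supplied by the caller."""
    field = html.escape(payload, quote=True)
    return (
        f'<form id="f" method="POST" action="{html.escape(target_url, quote=True)}" '
        f'enctype="text/plain"><input name="{field}" value="x"></form>'
        '<script>document.getElementById("f").submit()</script>'
    )


if __name__ == "__main__":
    attack = b"<script>alert(document.domain)</script>"
    print(vulnerable_response("/missing.html", attack))
    print(hardened_response("/missing.html", attack))
    print(csrf_poc_form("https://example.test/missing.html", attack.decode()))
```

The hardened version also answers the question a reviewer should ask of any error page: does the response type depend on what the client asked for, or on what the server actually found?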
resolved
Account Takeover Vulnerability in Shopify Collabs Platform Due to Missing Email Verification
Bug reported by Tobias Weisshaar was disclosed on March 11, 2025, 7:39 pm
The Collabs platform of Shopify was vulnerable to account takeover due to missing email verification. An attacker could create a new Shopify ID with the victim's email address and, because that address was never verified, gain access to the victim's pending Collabs account.