Spree e-commerce: JSON Hijacking Vulnerabilities

Users of Spree e-commerce, please be advised of JSON Hijacking vulnerabilities that have been identified in the default installation.
To view this vulnerability, possible remedies, and other advisories, see the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Spree-SA-11/08/2010: Spree e-commerce JSON Hijacking Vulnerabilities – CVE-2010-3978
DETAILS

There are multiple JSON Hijacking vulnerabilities. As a result, an attacker can steal confidential information such
as product costs, prices and quantities; users' email addresses, encrypted passwords, tokens, OpenID identifiers, phone
numbers and addresses; and order counts and values by period.

Some pages within the default Spree installation use JavaScript Object Notation (JSON) as the transport mechanism
between the client and the server. Because the application cannot differentiate genuine requests from forged ones
(the JSON endpoints answer plain GET requests carrying the victim's session cookie, with no CSRF token or XHR-only
check), and because the JSON returned is valid JavaScript on its own (a top-level array literal), an attacker's page
can load it with a script tag and have the victim's browser evaluate it. In browsers of that era the attacker's code
could then observe the values as the array was built (by overriding the Array constructor or defining property
setters); this is the attack known as JSON Hijacking. Note that the technique requires both conditions: a response
that parses as a script and a browser that lets page code intercept the evaluated values. Current browsers no longer
allow the interception step, but the missing request check remains a cross-site request forgery issue, so the
practical remedies are to serve confidential JSON only to requests a script tag cannot forge (same-origin XHR
identified by the X-Requested-With header, or a request carrying the CSRF token) and to avoid emitting a bare array
at the top level of the response.
Read more at http://www.criticalwatch.com
