Tuesday 2 October 2012

ClickedIN - A clickjacking vulnerability in LinkedIn

This post is a summary of the Clickjacking bug I had found in LinkedIn. I had responsibly disclosed it to them.  

Bug found on: 12th Sep. 2012

Bug Reported on: 14th Sep. 2012

Bug Fixed on: 11th Jan. 2013

Bug Details: "Remove Connection" option in LinkedIn is vulnerable to ClickJacking.

Impact: A genuine user can be tricked into clicking on something different from what they perceive they are clicking on, and so may delete existing connections in their profile while clicking on seemingly innocuous web pages.
 
Scenario:
The "Remove Connections" section of LinkedIn was vulnerable to clickjacking.
An attacker could perform a UI redress attack against this vulnerability by designing innocuous-seeming web pages that trick a logged-in user into removing some of his/her existing connections.
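
A defender's check for this class of bug, added here as an example and not part of the original post or of LinkedIn's fix: given a page's response headers, it reports whether an arbitrary third-party origin could load that page in a frame, based on the standard `X-Frame-Options` and CSP `frame-ancestors` headers. The function names and the sample headers are constructed for illustration.

```javascript
// Added example (not from the original post). Sample headers are constructed.
// Source expressions that let any origin frame the page (heuristic list).
const WILDCARDS = new Set(['*', 'http:', 'https:', 'http://*', 'https://*']);

// Collect the frame-ancestors source list from every enforced policy.
// Several policies may arrive comma-joined in one header value.
function frameAncestorsLists(cspValue) {
  const lists = [];
  for (const policy of String(cspValue || '').split(',')) {
    for (const directive of policy.split(';')) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name.toLowerCase() === 'frame-ancestors') {
        lists.push(sources.map((s) => s.toLowerCase()));
        break; // only the first occurrence in a policy counts
      }
    }
  }
  return lists;
}

// Can an arbitrary third-party origin load this response in a frame?
function checkFraming(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  const lists = frameAncestorsLists(h['content-security-policy']);
  if (lists.length > 0) {
    // When frame-ancestors is present, browsers ignore X-Frame-Options.
    // Every policy is enforced, so one list without a wildcard is enough.
    const restricted = lists.some((l) => !l.some((s) => WILDCARDS.has(s)));
    return restricted
      ? { framable: false, reason: 'frame-ancestors restricts embedding' }
      : { framable: true, reason: 'frame-ancestors allows any origin' };
  }

  // Only DENY and SAMEORIGIN count; ALLOW-FROM is obsolete and ignored.
  const xfo = (h['x-frame-options'] || '')
    .split(',').map((v) => v.trim().toLowerCase());
  if (xfo.includes('deny') || xfo.includes('sameorigin')) {
    return { framable: false, reason: 'X-Frame-Options: ' + xfo.join(', ') };
  }
  return { framable: true, reason: 'no effective framing restriction' };
}

// Constructed sample: a state-changing page sent with no framing headers.
console.log(checkFraming({ 'Content-Type': 'text/html' }));
```

A Report-Only CSP header is deliberately not consulted, since it does not block framing.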
 

Below I have shown a POC exploiting this vulnerability.


 

 


Cheers :}

<-- 7h3_j0k3r -->