Copy.com is a Barracuda Networks file sharing service which offers 15 GB of free cloud storage for your files.
When I first read about Copy.com I almost immediately registered for an account. 15 GB of free storage was very tempting. A few moments later I started reporting vulnerabilities.
1. Company settings page – the “Company Name” and “Directory Name” fields did not escape the double-quote character, so a stored value could close its HTML attribute early, which allowed an injection like:
" onclick=alert(document.cookie) x="
2. Profile settings page – the “Verify” and “Remove” e-mail functions were vulnerable to XSS via the URL. After clicking the injected word, an alert box popped up.
3. Billing settings page – the “Name on Card” field and all “Address” fields did not escape the double-quote character either, which again allowed an injection like:
" onclick=alert('http://lubi.cz') "
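To show why the missing quote escaping in bugs #1 and #3 matters, here is an added example (not code from Copy.com or from the original post): a form field rendered with a naive escape that only handles <, > and & is placed beside one rendered with html.escape with quotes enabled, and the post's own payload is fed through Python's HTML parser to see which attributes a browser would end up with. The field and attribute names are assumptions.

```python
import html
from html.parser import HTMLParser

# Constructed sample: the attribute-breakout payload quoted in the post.
PAYLOAD = '" onclick=alert(document.cookie) x="'


def render_naive(value: str) -> str:
    """Vulnerable: escapes <, > and & but leaves the double quote alone,
    so a value containing a quote can close the attribute early."""
    escaped = value.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
    return f'<input name="company" value="{escaped}">'  # field name is assumed


def render_safe(value: str) -> str:
    """Hardened: html.escape(quote=True) also encodes " and ',
    so the value can never terminate the attribute it lives in."""
    return f'<input name="company" value="{html.escape(value, quote=True)}">'


class _AttrCollector(HTMLParser):
    """Records the attributes a browser-side parser would see on <input>."""

    def __init__(self):
        super().__init__()
        self.attrs = {}

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.attrs = dict(attrs)


def parsed_attrs(markup: str) -> dict:
    """Parse rendered markup and return the attribute dict of the <input>."""
    p = _AttrCollector()
    p.feed(markup)
    return p.attrs


def has_event_handler(markup: str) -> bool:
    """Detection check: did any on* attribute appear after parsing?"""
    return any(k.startswith("on") for k in parsed_attrs(markup))


if __name__ == "__main__":
    for name, fn in (("naive", render_naive), ("safe", render_safe)):
        out = fn(PAYLOAD)
        print(f"{name}: {out}")
        print(f"  attributes seen by the parser: {parsed_attrs(out)}")
        print(f"  injected event handler: {has_event_handler(out)}")
```

With the naive renderer the parser reports an onclick attribute on the input, while the hardened renderer keeps the entire payload inside the value attribute as inert text.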
Timeline:
[May 16th 2013] - bugs #1 & #2 were reported
[May 17th 2013] - bug #2 was fixed
[June 19th 2013] - second contact, because bug #1 was not fixed. Bug was fixed soon after.
[June 25th 2013] - bug #3 was reported
[July 10th 2013] - bug #3 was fixed
I would like to thank Zack, Tom and Brian for their flawless work on the bug-fixing process.
If you would like to receive 20 GB (15+5 GB) of free cloud storage, please use this link, which will give us both an additional 5 GB of bonus space (client installation is needed). Thank you.