The web-hosting platform Bluehost was found to contain multiple account takeover and information leak vulnerabilities.
Independent researcher and bug-hunter Paulos Yibelo has identified four vulnerabilities, one of which is a “High” severity information leak through CORS misconfigurations that could allow attackers to steal personally identifiable information, partial payment details and tokens that can give access to a user’s hosted WordPress, Mojo, SiteLock and various OAuth-supported endpoints.
The site is also vulnerable to account takeover through CSRF, because JSON requests are not properly validated; to man-in-the-middle attacks, because the CORS policy does not check the scheme of the requesting origin; and to cross-site scripting on my.bluehost.com, according to Yibelo's recent blog post.
Yibelo also tested four other popular web hosting companies and found cross-site scripting and information disclosure vulnerabilities in Dreamhost, information disclosure among other vulnerabilities in Hostgator and OVH, and account takeover and other vulnerabilities in iPage.
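The two server-side mistakes named above, a CORS policy that trusts too many origins and a JSON endpoint that accepts whatever it is sent, are easier to see in code. The following is an added illustration, not code from the article, from Yibelo's research or from Bluehost; the hostnames (`my.example-host.com`, `app.example-host.com`), the `X-Requested-With` header requirement and the sample request body are assumptions chosen to stand in for a generic hosting control panel and say nothing about Bluehost's actual configuration.

```python
"""Added example: weak vs. hardened CORS origin checks and JSON request
validation. Not the article's or Bluehost's code; hostnames are placeholders."""
import json
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "example-host.com"  # assumption: stands in for the hosting panel
ALLOWED_HOSTS = {"my." + TRUSTED_DOMAIN, "app." + TRUSTED_DOMAIN}


def cors_headers_weak(origin):
    """Weak policy: reflect any Origin that merely contains the trusted domain
    and allow credentials. Three things go wrong:
      - 'https://my.example-host.com.evil.net' passes the substring test;
      - 'http://my.example-host.com' passes too, so an on-path attacker who can
        answer plain HTTP for that host gets credentialed cross-origin reads
        (the scheme is never checked);
      - reflecting the origin together with Allow-Credentials: true lets the
        attacker's page read the authenticated response body (PII, tokens)."""
    if origin and TRUSTED_DOMAIN in origin:
        return {
            "Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true",
        }
    return {}


def cors_headers_hardened(origin):
    """Hardened policy: exact allowlist match on scheme and host, https only.
    Returns {} (no CORS headers at all) for anything else, including 'null'."""
    if not origin:
        return {}
    parts = urlsplit(origin)
    if parts.scheme != "https" or parts.netloc not in ALLOWED_HOSTS:
        return {}
    if parts.path or parts.query or parts.fragment:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",  # stop caches serving one origin's ACAO to another
    }


def accept_json_weak(headers, body):
    """Weak endpoint: parse whatever arrives as JSON, ignoring Content-Type.
    A cross-site <form enctype="text/plain"> can deliver a JSON-shaped body
    with the victim's cookies attached and without any CORS preflight."""
    try:
        return json.loads(body)
    except ValueError:
        return None


def accept_json_hardened(headers, body):
    """Hardened endpoint: require the JSON content type and a custom header.
    A plain HTML form can set neither; a cross-origin XHR that sets them
    triggers a preflight, which cors_headers_hardened() refuses."""
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    if ctype != "application/json":
        return None
    if headers.get("X-Requested-With") != "XMLHttpRequest":  # assumption
        return None
    try:
        return json.loads(body)
    except ValueError:
        return None


# Constructed sample: the body a text/plain form trick produces (field name
# '{"email":"attacker@evil.net","ignore":"' with value '"}' becomes this).
FORM_TRICK_BODY = '{"email":"attacker@evil.net","ignore":"="}'

if __name__ == "__main__":
    for o in ("https://my.example-host.com", "http://my.example-host.com",
              "https://my.example-host.com.evil.net", "null"):
        print(o, "weak:", bool(cors_headers_weak(o)),
              "hardened:", bool(cors_headers_hardened(o)))
    print("weak endpoint accepts form trick:",
          accept_json_weak({"Content-Type": "text/plain"}, FORM_TRICK_BODY))
    print("hardened endpoint accepts form trick:",
          accept_json_hardened({"Content-Type": "text/plain"}, FORM_TRICK_BODY))
```

The custom-header check stops the form-based JSON CSRF, but it is not a substitute for a per-session CSRF token on state-changing requests; the two are normally used together. The `Vary: Origin` header matters whenever an allowlisted response can be cached by a shared proxy.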
A spokesperson from Bluehost told SC Media that the company is aware of the research and has taken steps to address the potential vulnerabilities.