We appreciate the time and effort that security researchers contribute. So on this page we publicly acknowledge and thank those who help keep MIDAS and our users safe.
|Report Received||Resolved||Time To Resolve||Summary||More Info||Credit|
|8th June 2021 18:05||8th June 2021 19:07||67 minutes||Request tampering||A vulnerability was discovered that could allow a malicious attacker to publicly book a room for free if venue rates set to "per person"||Shail Shah|
|8th June 2021 11:09||8th June 2021 13:11||2 hours||Request tampering||A vulnerability was discovered that could allow a malicious attacker to overbook when making a public booking||Shail Shah|
|8th June 2021 11:09||8th June 2021 12:27||78 minutes||Request tampering||A vulnerability was discovered that could allow a malicious attacker to book/request/see availability of non-public venues or resources||Shail Shah|
|19th May 2021 11:45||19th May 2021 14:14||2.5 hours||Privilege elevation||A vulnerability was discovered that could allow a user with limited privileges to escalate them||Shail Shah|
|18th May 2021 17:14||18th May 2021 18:39||85 minutes||XEE vulnerability||An XML External Entities (XEE) vulnerability was discovered in the public booking/request modules which could lead to a Billion Laughs attack||Shail Shah|
|17th May 2021 17:10||17th May 2021 18:05||55 minutes||Stored/Reflected XSS vulnerability in MIDAS||A vulnerability was discovered in input sanitization which could lead a malicious attacker to inject stored/reflected XSS||Shail Shah|
|17th May 2021 15:38||17th May 2021 16:30||52 minutes||Captcha replay vulnerability on mid.as||A vulnerability was discovered in the Captcha implementation on our free trial sign up page that could allow a malicious attacker to re-use a Captcha they'd previously manually solved||Shail Shah|
|2nd April 2021 12:45||2nd April 2021 13:05||20 minutes||Missing security headers on some *.midas.hosting sub domains||Missing security headers were detected on some *.midas.hosting subdomain.||Mayank Mukhi|
|13th January 2021 09:37||13th January 2021 11:37||2 hours||Email flood control weakness in mailing list subscribing||A vulnerability was discovered in the mailing list signup form at mid.as/contact which could potentially allow a malicious attacker to send a large volume of subscription confirmation emails to a given target.||Pranav Yadav|
|12th December 2020 17:26||12th December 2020 18:20||54 minutes||Information disclosure on midas.network||Whilst initially reported as an "Improper Access Control" vulnerability, our team believe this to be a PHP "Information disclosure" vulnerability. See also OBB-1602306.||Pramod Yadav|
|30th July 2020 17:55||30th July 2020 18:08||13 minutes||Stored XSS vulnerability in MIDAS||A stored XSS vulnerability was discovered in relation to adding new venues to MIDAS.
This has been fixed as of MIDAS v4.25 (Build 30/07/2020 @ 18:08 UTC).
|27th July 2020 10:00||27th July 2020 10:17||17 minutes||Reflected XSS vulnerability on mid.as||OBB-1236537||Abhi Sharma|
|16th July 2020 16:55||16th July 2020 17:50||55 minutes||Reflected XSS vulnerability on mid.as||A Reflected XSS vulnerability was discovered affecting non-existent pages.||Pratik Khalane|
|16th July 2020 01:33||16th July 2020 13:00||11 hours||Vulnerable redirect to PayPal||A vulnerability was discovered which could allow a malicious attacker to tamper with payment redirects to PayPal.||Manoj Khadka|
|15th July 2020 11:41||15th July 2020 13:04||83 minutes||Reflected XSS vulnerability in MIDAS||A reflected XSS vulnerability was discovered when adding new venues in MIDAS.
This has been fixed as of MIDAS v4.25 (Build 15/07/2020 @ 13:04 UTC).
|15th July 2020 09:30||15th July 2020 11:05||95 minutes||CORS vulnerability in blog.mid.as||A CORS vulnerability was discovered in the Wordpress installation at blog.mid.as.||Ronit Bhatt|
|15th July 2020 09:06||15th July 2020 10:09||63 minutes||Reflected XSS vulnerability in language editor||A reflected XSS vulnerability was discovered in the Beta Test Suite's Language Editor.||Manav Doshi|
|15th July 2020 06:12||15th July 2020 09:36||3 hours||Same Site Scripting vulnerability||A Same Site Scripting vulnerability was discovered on our mid.as and midas.network domains.||Shivam Pravin Khambe|
|15th July 2020 04:49||15th July 2020 11:34||7 hours||No flood control on password reset request emails||No rate limiting was imposed for the password reset process in MIDAS.
If a malicious attacker knew the email address for a valid user account in a given MIDAS system, they could potentially flood their inbox with password reset request emails.
This has been fixed as of MIDAS v4.25 (Build 15/07/2020 @ 11:34 UTC)
|2nd June 2020 10:31||2nd June 2020 10:55||23 minutes||Reflected XSS vulnerability on mid.as||OBB-1181081||raz0r_bl4de|
|2nd October 2018 17:42||28th October 2018 18:28||48 minutes||Reflected XSS vulnerability in MIDAS
Stored XSS vulnerability in MIDAS
|Two separate vulnerabilities were discovered.
The first related to a reflected XSS vulnerability in the the Search module, the second to a stored XSS vulnerability in the Booking Grid.
Both were fixed as of MIDAS v4.20 Beta (Build 28/10/2018 @ 18:28 UTC)
|lacroute serge france|
Times shown are UTC unless otherwise stated