Credits
We appreciate the time and effort that security researchers contribute. So on this page we publicly acknowledge and thank those who help keep MIDAS and our users safe.
| Report Received | Resolved | Time To Resolve | Summary | More Info | Credit |
| 8th June 2021 18:05 | 8th June 2021 19:07 | 67 minutes | Request tampering | A vulnerability was discovered that could allow a malicious attacker to publicly book a room for free if venue rates set to "per person" | Shail Shah |
| 8th June 2021 11:09 | 8th June 2021 13:11 | 2 hours | Request tampering | A vulnerability was discovered that could allow a malicious attacker to overbook when making a public booking | Shail Shah |
| 8th June 2021 11:09 | 8th June 2021 12:27 | 78 minutes | Request tampering | A vulnerability was discovered that could allow a malicious attacker to book/request/see availability of non-public venues or resources | Shail Shah |
| 19th May 2021 11:45 | 19th May 2021 14:14 | 2.5 hours | Privilege elevation | A vulnerability was discovered that could allow a user with limited privileges to escalate them | Shail Shah |
| 18th May 2021 17:14 | 18th May 2021 18:39 | 85 minutes | XEE vulnerability | An XML External Entities (XEE) vulnerability was discovered in the public booking/request modules which could lead to a Billion Laughs attack | Shail Shah |
| 17th May 2021 17:10 | 17th May 2021 18:05 | 55 minutes | Stored/Reflected XSS vulnerability in MIDAS | A vulnerability was discovered in input sanitization which could lead a malicious attacker to inject stored/reflected XSS | Shail Shah |
| 17th May 2021 15:38 | 17th May 2021 16:30 | 52 minutes | Captcha replay vulnerability on mid.as | A vulnerability was discovered in the Captcha implementation on our free trial sign up page that could allow a malicious attacker to re-use a Captcha they'd previously manually solved | Shail Shah |
| 2nd April 2021 12:45 | 2nd April 2021 13:05 | 20 minutes | Missing security headers on some *.midas.hosting sub domains | Missing security headers were detected on some *.midas.hosting subdomain. | Mayank Mukhi |
| 13th January 2021 09:37 | 13th January 2021 11:37 | 2 hours | Email flood control weakness in mailing list subscribing | A vulnerability was discovered in the mailing list signup form at mid.as/contact which could potentially allow a malicious attacker to send a large volume of subscription confirmation emails to a given target. | Pranav Yadav |
| 12th December 2020 17:26 | 12th December 2020 18:20 | 54 minutes | Information disclosure on midas.network | Whilst initially reported as an "Improper Access Control" vulnerability, our team believe this to be a PHP "Information disclosure" vulnerability. See also OBB-1602306. | Pramod Yadav |
| 30th July 2020 17:55 | 30th July 2020 18:08 | 13 minutes | Stored XSS vulnerability in MIDAS | A stored XSS vulnerability was discovered in relation to adding new venues to MIDAS. This has been fixed as of MIDAS v4.25 (Build 30/07/2020 @ 18:08 UTC). |
Ranjit Pahan |
| 27th July 2020 10:00 | 27th July 2020 10:17 | 17 minutes | Reflected XSS vulnerability on mid.as | OBB-1236537 | Abhi Sharma |
| 16th July 2020 16:55 | 16th July 2020 17:50 | 55 minutes | Reflected XSS vulnerability on mid.as | A Reflected XSS vulnerability was discovered affecting non-existent pages. | Pratik Khalane |
| 16th July 2020 01:33 | 16th July 2020 13:00 | 11 hours | Vulnerable redirect to PayPal | A vulnerability was discovered which could allow a malicious attacker to tamper with payment redirects to PayPal. | Manoj Khadka |
| 15th July 2020 11:41 | 15th July 2020 13:04 | 83 minutes | Reflected XSS vulnerability in MIDAS | A reflected XSS vulnerability was discovered when adding new venues in MIDAS. This has been fixed as of MIDAS v4.25 (Build 15/07/2020 @ 13:04 UTC). |
Ronit Bhatt |
| 15th July 2020 09:30 | 15th July 2020 11:05 | 95 minutes | CORS vulnerability in blog.mid.as | A CORS vulnerability was discovered in the Wordpress installation at blog.mid.as. | Ronit Bhatt |
| 15th July 2020 09:06 | 15th July 2020 10:09 | 63 minutes | Reflected XSS vulnerability in language editor | A reflected XSS vulnerability was discovered in the Beta Test Suite's Language Editor. | Manav Doshi |
| 15th July 2020 06:12 | 15th July 2020 09:36 | 3 hours | Same Site Scripting vulnerability | A Same Site Scripting vulnerability was discovered on our mid.as and midas.network domains. | Shivam Pravin Khambe |
| 15th July 2020 04:49 | 15th July 2020 11:34 | 7 hours | No flood control on password reset request emails | No rate limiting was imposed for the password reset process in MIDAS. If a malicious attacker knew the email address for a valid user account in a given MIDAS system, they could potentially flood their inbox with password reset request emails. This has been fixed as of MIDAS v4.25 (Build 15/07/2020 @ 11:34 UTC) |
Abhinav Porwal |
| 2nd June 2020 10:31 | 2nd June 2020 10:55 | 23 minutes | Reflected XSS vulnerability on mid.as | OBB-1181081 | raz0r_bl4de |
| 2nd October 2018 17:42 | 28th October 2018 18:28 | 48 minutes | Reflected XSS vulnerability in MIDAS Stored XSS vulnerability in MIDAS |
Two separate vulnerabilities were discovered. The first related to a reflected XSS vulnerability in the the Search module, the second to a stored XSS vulnerability in the Booking Grid. Both were fixed as of MIDAS v4.20 Beta (Build 28/10/2018 @ 18:28 UTC) |
lacroute serge france |
Times shown are UTC unless otherwise stated