Silent Breach Labs
Following the release of a successful patch, Silent Breach can now disclose that we've identified a Cross Site Scripting (XSS) vulnerability on Cloudflare's network that allowed Silent Breach researchers to bypass Cloudflare's Web Application Firewall (WAF). Upon discovering the issue, Silent Breach Labs immediately reached out to Cloudflare, and worked together to ensure that the issue was successfully mitigated and that users remained protected in the meantime. The XSS WAF Bypass vulnerability was reported to Cloudflare on September 25, 2020 and was successfully closed on or before October 13, 2020. For more information or for guidance on how this issue may affect your organization, please contact Silent Breach at: hello@silentbreach.com or at silentbreach.com/Contact.php. Silent Breach's research team uncovers new 0-days in popular systems on a regular basis and works closely with the affected parties to ensure that the vulnerabilities are properly and securely disclosed, monitored and patched. As a standard practice, Silent Breach does not confirm, discuss or disclose any security issues or vulnerabilities until a fix has been released on all affected systems or until express permission has been provided by the relevant parties.
© Copyright Silent Breach. All Rights Reserved.