vulnerability Archives - Aadhaar FAIL

Security Fails

It took exposing a vulnerability publicly to get UIDAI to block (not fix) it

Late Saturday night, security researcher Abhay Rana published a post detailing an XSS vulnerability on the UIDAI portal at resident.uidai.gov.in that allowed anyone to embed content on the website, so that when the appropriate url was accessed, UIDAI would appear to host that content. The vulnerability was a result of UIDAI running Read more…

By Vidyut, 2 months ago

Security Fails

Aadhaar Vulnerability Public Disclosure

Vulnerability reported in resident.uidai.gov.in allows anyone to change content on the UIDAI website. The UIDAI Resident Portal has direct access to Aadhaar demographic data. The vulnerability (XSS) allows anyone to embed any tweet on the UIDAI website The Vulnerability The UIDAI Resident Portal (with read access to entire Aadhaar Demographic data) Read more…

By Abhay Rana, 2 months ago