.png)
3 years ago
152 BOOK THIS SPACE FOR AD
ARTICLE ADIt must be said this is a Security Feature Bypass vulnerability because by default the guest account does not have permission to change the group name. Of course, MSRC did not consider an award for it!!!
When we create a session on Skype, the “?Action=createmeetnow” parameter is sent to the server with the GET method.
When the guest user uses the “?Action=createmeetnow” parameter in their URL, the server re-runs the group creation process with a new name, regardless of user access.
Steps to Reproduce:
Create a Meeting on Skype in “Skype desktop app” or “Web” and … After That copy the invite link.
Start Call and You Can See the “?Action=createmeetnow” in the owner URL (The vulnerability is right here)
Open invite link in another Web Browser Or another OS Web Browser in skype Web using Edge || Chrome || etc. (Don’t Use Skype Application for Guest Account)
Join as a Guest and Enter your name
After entering the Meeting With Guest user, the browser address changes to https://web.skype.com/19:-------------------------------@thread.skype
Enter the value “?action=createmeetnow” at the front of the Guest URL address and Enter To reload the page.
Enter Again Your name and click in the Blank Space on-page and go to Owner Account Each word you type is selected as the group name and the group name change immediately.
(You can join the meeting but it is not necessary)
Now you can see that the group name has changed to our name and we can choose any name for the group.
Let’s try another word.
Thanks
Bengali (Bangladesh) · 
English (United States) ·