HackerOne Bug Bounty Disclosure: object-level-access-control-leads-to-reading-user-s-full-requests-sessions-and-error-messages-mester-x

January 18, 2025

Company Name:
Yelp

Company HackerOne URL:
https://hackerone.com/yelp

Submitted By:
mester_x

Link to Submitters Profile:
https://hackerone.com/mester_x

Report Title:
Object Level access control leads to reading user’s full requests, sessions, and error messages

Report Link:
https://hackerone.com/reports/2891449

Date Submitted:
18 January 2025

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags:

You may have missed

HIBP-Banner-1

Otelier – 436,855 breached accounts

January 19, 2025
CISA_Logo

CISA: CISA Releases Five Industrial Control Systems Advisories

January 19, 2025
CISA_Logo

CISA: CISA Releases Best Practice Guidance for Mobile Communications

January 19, 2025
CISA_Logo

CISA: CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services

January 19, 2025
CISA_Logo

CISA: CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure

January 19, 2025