HackerOne Bug Bounty Disclosure: conduit-feed-publish-api-allows-you-to-spoof-other-users-or-make-it-look-like-you-have-access-to-a-restricted-objectbydyls

May 18, 2022

Programme

HackerOne

  • Phabricator



Phabricator

Submitted by

  • dyls



dyls

Report

Conduit feed.publish API allows you to spoof other users or make it look like you have access to a restricted object

Full Report

You may have missed

unlock membership

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

November 15, 2024
news

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

November 15, 2024
news

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

November 15, 2024
news

API Security Threats: 83% of Companies Experience Security Incidents

November 15, 2024
news

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

November 15, 2024