Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hackeroneFind_me_hereH1:1818969
HistoryDec 30, 2022 - 12:21 p.m.

LinkedIn: [ Continuation Report from #1814842 ] Can create articles using other users' NewsLetters

2022-12-3012:21:54
find_me_here
hackerone.com
4
linkedin
idor
articles
publication
notification
JSON

Security researcher found an IDOR on LinkedIn where the attacker is able to publish articles using Victim’s newsletter. This published article is not seen on the Victim’s newsletter homepage and there is no notification sent to the subscribers of the victim’s newsletter regarding this publication from the attacker.

JSON