huntr | Lengochoa7112000 | 0F35B1D3-56E6-49E4-BC5A-830F52E094B3
Jun 06, 2022 - 5:48 p.m.

Incorrect use of privileged APIs to steal victim's account

2022-06-06 17:48:35
lengochoa7112000
www.huntr.dev
api misuse
account theft
security vulnerability
proof of concept
bug bounty

EPSS

0.002

Percentile

57.1%

Description

When a user can edit their profile, incorrect use of privileged APIs allows stealing a victim's account.

Proof of Concept


1. Log in with the hacker's account and capture the request sent when editing the profile.
2. Replace the endpoint and email with the victim's.
3. Send the request.

PoC video:
https://drive.google.com/file/d/1fhauDTJ0sbDSMoAuRydHE-60wC8XE_ic/view?usp=sharing
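The missing server-side check behind the steps above, as an added example that is not code from the report or from the affected project. The report names no endpoint or framework, so the handler names, the in-memory user store and the sample accounts are assumptions; the block contrasts a profile-update handler that trusts the user id in the request with one that authorizes against the session identity.

```python
from dataclasses import dataclass


class Forbidden(Exception):
    """Raised when the caller may not modify the target profile."""


@dataclass
class User:
    user_id: int
    email: str
    display_name: str
    is_admin: bool = False


# Constructed sample data (hypothetical accounts, not from the report).
USERS = {
    1: User(1, "attacker@example.test", "mallory"),
    2: User(2, "victim@example.test", "alice"),
}

# Assumption: only these fields are meant to be user-editable.
EDITABLE_FIELDS = {"email", "display_name"}


def update_profile_unchecked(users, session_user_id, target_user_id, fields):
    """Flawed pattern: the target id from the request is trusted as-is."""
    user = users[target_user_id]
    for name, value in fields.items():
        setattr(user, name, value)
    return user


def update_profile_checked(users, session_user_id, target_user_id, fields):
    """Hardened pattern: the session identity decides whose profile changes."""
    caller = users[session_user_id]
    if target_user_id != caller.user_id and not caller.is_admin:
        raise Forbidden("caller does not own the target profile")
    unknown = set(fields) - EDITABLE_FIELDS
    if unknown:
        raise Forbidden(f"fields not editable: {sorted(unknown)}")
    user = users[target_user_id]
    for name, value in fields.items():
        setattr(user, name, value)
    return user
```

A denied cross-account update is also worth logging with both the session id and the requested target id, since a mismatch between the two is the signal this report describes.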
