2 matches found
disneycruiselineblog.com Cross Site Scripting vulnerability OBB-3283318
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
LY Corporation: Access to images and videos in drafts on LINE BLOG
On LINE BLOG, sequential ID is assigned to each image/video when uploaded, and the ID is converted to actual URL on preview/publish. Due to the bug in the attachment ownership verification process, it could be possible for an attacker to view unpublished images/videos in other users' drafts by...