TikTok: Multiple vulnerability leading to account takeover in TikTok SMB subdomain.
Multiple vulnerabilities like Insecure Direct Object Reference IDOR, Cross-Site Request Forgery CSRF, XSS were found that could have resulted in account takeover on the TikTok SMB subdomain. First, an Insecure Direct Object Reference IDOR was found, where a missing authorization check could allow...