Back to directory

WRITEUP #1538

[1500$ Worth — Slack] vulnerability, bypass invite accept process

Logic BugBroken Access ControlLogic flaw

by@siratsami71(Sirat Sami)

Bounty

1,500

Program

Slack

Published

Feb 20, 2023

Added to HackDex

Feb 22, 2023

Read Full Writeuphttps://medium.com/@siratsami71/1500-worth-slack-vulnerability-bypass-invite-accept-process-8204e5431d52

▸ RELATED WRITEUPS

Logic Flaw: I Can Block You from Accessing Your Own Account

Logic BugLogic flaw

“Like” Bypass on Customer Reviews — €500 bounty

Logic BugLogic flaw

Vestaboard: Exploring Broken Access Controls and Privilege Escalation

Privilege EscalationBroken Access Control

How I Earned $469 Bounty: Bypassing Plan Restriction

Privilege EscalationBroken Access Control

Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat