Back to directory

WRITEUP #1961

How Sigstore quickly patched an upstream vulnerability

OAuthAccount takeoverPhishing

byJoern Schneeweisz

Program

Sigstoredex

Published

Nov 10, 2022

Added to HackDex

Nov 14, 2022

Read Full Writeuphttps://blog.sigstore.dev/how-sigstore-quickly-patched-an-upstream-vulnerability-76ba84ef1122

▸ RELATED WRITEUPS

Stealing First Party Access Token of Facebook Users: Meta Bug Bounty

OAuthAccount takeover

Self XSS + Login CSRF + OAuth = Account Takeover

Auth BypassAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

How I Got $250 For My Second Bug on HackerOne

OAuthSession expiration issue

Built with ❤️ by Shubham Rawat