Back to directory
WRITEUP #3604

Part 2: Dive into Zoom Applications

CSRFAccount takeoverInformation disclosureSession expiration issueBroken authorizationLogic flaw
by@rakesh_3895(Rakesh Thodupunoori)
Program
Zoom
Published
Jul 13, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://rakesh-thodupunoori.medium.com/part-2-dive-into-zoom-applications-1b01091345c1
RELATED WRITEUPS
How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System
ReconMissing authentication
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover
Vulnerabilities in Homepage Dashboard
RCESSRF
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat