Back to directory

WRITEUP #4479

Pre-Access to Victim’s Account via Facebook Signup

OAuthAccount takeover

by@Akshanshjaiswl(Akshansh Jaiswal)

Bounty

500

Program

-

Published

Jul 28, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/@akshanshjaiswal/pre-access-to-victims-account-via-facebook-signup-60219e9e381d

▸ RELATED WRITEUPS

Stealing First Party Access Token of Facebook Users: Meta Bug Bounty

OAuthAccount takeover

Self XSS + Login CSRF + OAuth = Account Takeover

Auth BypassAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

How I Got $250 For My Second Bug on HackerOne

OAuthSession expiration issue

Built with ❤️ by Shubham Rawat