Back to directory

WRITEUP #4853

Facebook CSRF bug which lead to Instagram Partial account takeover.

CSRFOAuth

by@samm0uda(Youssef Sammouda)

Bounty

12,500

Program

Meta / Facebook

Published

Feb 28, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://ysamm.com/?p=379

▸ RELATED WRITEUPS

AI Under Siege: Discovering and Exploiting Vulnerabilities

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

How I Got $250 For My Second Bug on HackerOne

OAuthSession expiration issue

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Vulnerabilities in Homepage Dashboard

Built with ❤️ by Shubham Rawat