Back to directory
WRITEUP #4978

CSRF Token Bypasss — A Tale of my $2k bug

CSRFAccount takeover
by@adeyefa_codes(Adeyefa Oluwatoba)
Bounty
2,000
Program
-
Published
Dec 23, 2019
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://web.archive.org/web/20200320111950/https://medium.com/@sainttobs/csrf-token-bypasss-a-tale-of-my-2k-bug-ff7f51166ea1
RELATED WRITEUPS
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat