Back to directory
WRITEUP #5065

Bypassing GitHub's OAuth flow

OAuthAuthorization bypass
by@not_aardvark(Teddy Katz)
Bounty
25,000
Program
GitHub
Published
Nov 5, 2019
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html
RELATED WRITEUPS
How I Got $250 For My Second Bug on HackerOne
OAuthSession expiration issue
Authorization bypass due to cache misconfiguration
APIAuthorization bypass
The Hunt for ALBeast: A Technical Walkthrough
CloudAWS ALB
AI Under Siege: Discovering and Exploiting Vulnerabilities
AI / LLMAI
Stealing First Party Access Token of Facebook Users: Meta Bug Bounty
OAuthAccount takeover

Built with ❤️ by Shubham Rawat