Back to directory
WRITEUP #5261

Account takeover on Airbnb acquisition | An Unusual Bug Part-2 🐛

IDORAccount takeover
by@princechaddha(PRince CHaddha)
Program
Airbnb
Published
Jul 13, 2019
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@princechaddha/account-takeover-on-airbnb-acquisition-an-unusual-bug-part-2-45fab11dc407
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Zomatoooo! IDOR in Saved Payments
IDOR
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover

Built with ❤️ by Shubham Rawat