Back to directory
WRITEUP #5540

Cache Deception: How I discovered a vulnerability in Medium and helped them fix it

OtherWeb cache deception
byYuval Shprinz
Bounty
100
Program
Medium
Published
Feb 6, 2019
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.freecodecamp.org/cache-deception-how-i-discovered-a-vulnerability-in-medium-and-helped-them-fix-it-31cec2a3938b
RELATED WRITEUPS
Gotta cache 'em all: bending the rules of web cache exploitation
OtherWeb cache poisoning
Splitting the email atom: exploiting parsers to bypass access controls
OtherWeb cache poisoning
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI

Built with ❤️ by Shubham Rawat