WRITEUP #5638

#BugBounty — “User Account Takeover-I just need your email id to login into your shopping portal account”

OAuthAuthentication bypassAccount takeover

Program

Published

Dec 13, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/@logicbomb_1/bugbounty-user-account-takeover-i-just-need-your-email-id-to-login-into-your-shopping-portal-7fd4fdd6dd56

▸ RELATED WRITEUPS

The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover

APIGraphQL

Stealing First Party Access Token of Facebook Users: Meta Bug Bounty

OAuthAccount takeover

Self XSS + Login CSRF + OAuth = Account Takeover

Auth BypassAccount takeover

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat