WRITEUP #5739

CSRF account takeover Explained Automated/Manual — Bug Bounty

CSRFAccount takeover

byVulnerables

Bounty

250

Program

OpenMenu

Published

Oct 26, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20191217012635/https://medium.com/bugbountywriteup/csrf-account-takeover-explained-automated-manual-bug-bounty-447e4b96485b

▸ RELATED WRITEUPS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

XSSSelf-XSS

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat