Summary
- A vulnerability with a login functionality allowed the author, a bug bounty hunter, to perform illegal actions on a target website.
- The hunter was not specifically looking for this vulnerability but discovered the issue during the target’s subdomain research.
- After discovering the vulnerability, the hunter tried to log out but realised that the button was fake, a front fascia without functionality.
- This caused the hunter to be logged in forever, giving them the ability to access sensitive data and to perform authentication bypass.
- The author has since logged out and informed the target company of the issue, resulting in a cash payout.
- The issue arose from poor session management by the target company.
By Iski
Original Article