Chain of IDORs Between U4B and Vouchers APIs Allows Attackers to View and Modify Program/Voucher Policies and to Obtain Organization Employees' PII

Disclosed: 2022-04-07 20:49:44 By hunt4p1zza To uber

High

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 1148697
State: Closed
Substate: resolved
Upvotes: 56

Share this report