Pixel flood attack in https://riders.uber.com/profile
Unknown
Vulnerability Details
Hi,
It is the exact issue described here:
https://hackerone.com/reports/390
Where uploading lottapixel.jpg it causes your service to time out
HTTP/1.1 504 Gateway Time-out
Server: nginx
Date: Wed, 30 Mar 2016 02:29:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 13928
Connection: close
Just upload the attached picture as your profile picture and you will get a time out!
Actions
View on HackerOneReport Stats
- Report ID: 126826
- State: Closed
- Substate: informative
- Upvotes: 2