Unauthorised access to olx.in user accounts.
Unknown
Vulnerability Details
Me and my friend, Ekansh, have found a severe security bug in your website, http://olx.in. Using this loophole one can gain full access to user accounts and perform actions like add/edit/delete ads and even delete the account itself.
Please find below attached video report and an accompanying pdf report showcasing the details of how we performed the attack, what are the possible impacts and an analysis of how easily and fast it can be achieved for many many users.
Actions
View on HackerOneReport Stats
- Report ID: 155130
- State: Closed
- Substate: resolved
- Upvotes: 9