Stored XSS on auth.uber.com/oauth/v2/authorize via redirect_uri parameter leads to Account Takeover

Disclosed: 2021-02-25 22:28:30 By corb3nik To uber

Medium

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 397497
State: Closed
Substate: resolved
Upvotes: 46

Share this report