Upload profile photo from URL

Disclosed: 2014-02-15 03:07:33 By zurke To security

Unknown

Vulnerability Details

Using this vulnerability users can upload images from any image URL. Just change upload type using inspect element (from "type=file" to "type=url") , paste URL in text field and hit enter or click on "Update Profile". Your profile photo will be changed to photo from URL. P.S Im sorry for my bad english.

Actions

View on HackerOne

Report Stats

Report ID: 713
State: Closed
Substate: resolved
Upvotes: 34

Upload profile photo from URL

Vulnerability Details

Actions

Report Stats

Share this report