chat-groups

1 article
Sort: New Top Best
clear filter
bug-bounty622 facebook466 xss316 google157 microsoft104 rce102 apple62 csrf60 web355 account-takeover53 writeup51 exploit43 sqli41 dos34 ssrf34 cve33 cloudflare32 privilege-escalation29 defi28 malware26 smart-contract-vulnerability25 idor25 node25 subdomain-takeover24 clickjacking23 smart-contract23 ethereum23 access-control21 vulnerability-disclosure21 auth-bypass19 reverse-engineering19 react19 remote-code-execution18 aws18 lfi18 cloud17 cors17 info-disclosure16 oauth16 race-condition16 supply-chain15 docker14 authentication-bypass14 solidity14 browser13 phishing13 denial-of-service11 sql-injection11 delegatecall11 wordpress10
0
A Race condition bug in Facebook chat groups
vulnerability

A race condition vulnerability in Facebook chat groups allows an attacker to become invisible in group conversations while maintaining full read/write access and the ability to add/remove users without triggering read receipts. By rapidly adding and removing a target user from a group conversation, an attacker can exploit timing flaws to spy on private group messages undetected.

race-condition facebook chat-groups group-conversations information-disclosure eavesdropping timing-attack fuzzing bug-bounty responsible-disclosure
Facebook Seif Elsallamy Seekurity Mail.ru CVE-2017-17713 CVE-2017-17714 Trape Boxug
seekurity.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details