privacy-bypass

1 article
Sort: New Top Best
clear filter
bug-bounty622 facebook464 xss316 google152 rce105 microsoft98 apple66 csrf61 account-takeover54 web354 writeup51 exploit42 sqli41 cve37 ssrf35 cloudflare33 dos33 malware29 privilege-escalation29 defi28 smart-contract-vulnerability25 subdomain-takeover24 idor24 clickjacking23 ethereum23 smart-contract23 node22 access-control21 vulnerability-disclosure21 browser20 auth-bypass20 aws19 lfi19 remote-code-execution18 react17 reverse-engineering17 cloud17 oauth16 docker16 cors16 race-condition16 info-disclosure15 solidity14 authentication-bypass14 supply-chain13 phishing13 wordpress12 denial-of-service11 sql-injection11 delegatecall11
0 5/10
Instagram Notes Audio Leakage via URL Extraction
bug-bounty

A data sanitization vulnerability in Instagram Web's Notes feature allowed users to extract original video files with audio by copying the video URL from browser DevTools, bypassing the intended silent playback design. The vulnerability was specific to certain server nodes and was fixed after responsible disclosure to Meta, earning a $1,000 bounty.

privacy-bypass audio-leakage url-extraction web-vulnerability instagram data-sanitization bug-bounty responsible-disclosure frontend-bypass meta
Instagram Meta Javier González Casares Case ID: 3950957211809485
github.com · i12gocaj · 5 hours ago · details