bug-bounty431
xss283
google261
microsoft220
facebook194
apple141
rce139
malware103
exploit101
bragging-post94
account-takeover93
cve79
csrf77
authentication-bypass67
privilege-escalation62
access-control53
phishing51
dos49
defi48
smart-contract47
supply-chain46
browser45
ssrf44
cloudflare44
writeup44
ethereum44
open-source43
stored-xss42
sql-injection41
web339
input-validation37
web-security37
aws37
docker36
reverse-engineering35
ai-agents35
react34
api-security34
oauth33
smart-contract-vulnerability33
cross-site-scripting33
burp-suite32
reflected-xss32
information-disclosure31
idor31
race-condition30
node30
denial-of-service29
web-application28
clickjacking26
0
6/10
An IDOR vulnerability in Facebook Analytics allows users with analyst roles to access private dashboard charts by manipulating the 'chartID' parameter in a GraphQL request, disclosing chart names and data that should only be visible to the dashboard owner.
idor
insecure-direct-object-references
access-control
facebook
graphql
authentication-bypass
information-disclosure
private-data-exposure
Facebook Analytics
Sarmad Hassan
CVE not assigned