third-party-integration

2 articles
Sort: New Top Best
clear filter
bug-bounty621 facebook431 xss316 google103 rce101 csrf60 microsoft59 web354 account-takeover53 writeup50 apple42 sqli41 cve35 ssrf34 exploit33 dos31 privilege-escalation28 defi28 cloudflare27 smart-contract-vulnerability25 idor24 subdomain-takeover24 ethereum23 clickjacking23 smart-contract23 vulnerability-disclosure21 access-control21 auth-bypass19 malware19 remote-code-execution18 lfi17 cors16 race-condition15 cloud15 reverse-engineering14 authentication-bypass14 solidity14 oauth12 browser12 info-disclosure12 aws12 sql-injection11 delegatecall11 denial-of-service11 phishing11 web-application-security10 vulnerability9 buffer-overflow9 web-security9 token-theft9
0
Airbnb chaining third party open redirect into SSRF via liveperson chat
vulnerability

Researchers discovered an SSRF vulnerability on Airbnb by chaining a third-party open redirect in LivePerson's chat integration, leveraging automated JavaScript endpoint discovery and LivePerson's visitorWantsToChat API parameter to redirect internal API requests to attacker-controlled URLs. Additionally, relative path traversal via encoded backslashes in the path parameter enabled access to non-API endpoints on the LivePerson domain.

ssrf open-redirect server-side-request-forgery path-traversal api-vulnerability third-party-integration liveperson javascript-reconnaissance endpoint-discovery vulnerability-chaining
Airbnb LivePerson Ben Sadeghipour Brett Buerhaus
buer.haus · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details
0
Google VRP SSRF in Google cloud platform stackdriver
vulnerability

Ron Chan discovered an SSRF vulnerability in Google Cloud Platform's Stackdriver Debug feature that allowed attackers to intercept OAuth access tokens from Bitbucket, GitHub, or GitLab by exploiting an unvalidated URL parameter in the resource listing endpoint, which forwarded requests with the user's authorization token to arbitrary attacker-controlled servers.

ssrf server-side-request-forgery oauth token-theft google-cloud-platform stackdriver cloud-debugger third-party-integration api-security authorization-header-leakage csrf-protection access-token-exfiltration google-vrp
Google Cloud Platform Stackdriver Cloud Debugger GitHub GitLab Bitbucket Burp Collaborator Ron Chan Google Vulnerability Reward Program
ngailong.wordpress.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details