url-extraction

1 article

Sort: New Top Best

bug-bounty622 facebook464 xss316 google151 rce105 microsoft97 apple65 csrf61 account-takeover54 web354 writeup51 exploit42 sqli41 cve37 ssrf35 cloudflare33 dos33 malware29 privilege-escalation29 defi28 smart-contract-vulnerability25 idor24 subdomain-takeover24 ethereum23 smart-contract23 clickjacking23 access-control21 node21 vulnerability-disclosure21 browser20 auth-bypass20 lfi19 aws19 remote-code-execution18 react17 cloud17 reverse-engineering16 cors16 docker16 oauth15 info-disclosure15 race-condition15 solidity14 authentication-bypass14 supply-chain13 phishing13 wordpress12 denial-of-service11 sql-injection11 delegatecall11

0 5/10

Instagram Notes Audio Leakage via URL Extraction

bug-bounty

A data sanitization vulnerability in Instagram Web's Notes feature allowed users to extract original video files with audio by copying the video URL from browser DevTools, bypassing the intended silent playback design. The vulnerability was specific to certain server nodes and was fixed after responsible disclosure to Meta, earning a $1,000 bounty.

privacy-bypass audio-leakage url-extraction web-vulnerability instagram data-sanitization bug-bounty responsible-disclosure frontend-bypass meta

Instagram Meta Javier González Casares Case ID: 3950957211809485

github.com · i12gocaj · 5 hours ago · details