Full account takeover through referral code.

The share/referral code parameter was treated by the web application as an indicator that the account being signed up was a new one.

The application redirected me to the account after signing up if a share code was sent with the request, even if the account already existed in their system.
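To make the logic flaw concrete, here is an added, constructed model of such a sign-up handler (not the affected site's code): the vulnerable version lets a valid share code short-circuit the "already registered" check and hands out a session for whatever account owns the e-mail, while the fixed version checks existence first and uses the referral code only for attribution. The in-memory stores and the `REF-EXAMPLE` code are placeholders.

```python
import hashlib
import os

# Constructed in-memory stores standing in for the site's database.
USERS = {}                            # email -> {"salt": bytes, "pw_hash": bytes, ...}
VALID_SHARE_CODES = {"REF-EXAMPLE"}   # placeholder referral code, not a real one


def _hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def create_account(email, password):
    salt = os.urandom(16)
    USERS[email] = {"salt": salt, "pw_hash": _hash_pw(password, salt)}


def signup_vulnerable(email, password, share_code=None):
    """Models the flaw: a valid share code is taken as proof that this is a
    new account, so the 'already registered' branch is never reached and the
    caller is redirected straight into the account that owns that e-mail."""
    if share_code in VALID_SHARE_CODES:
        if email not in USERS:
            create_account(email, password)
        return {"redirect": "/account", "session_for": email}  # existing account: takeover
    if email in USERS:
        return {"error": "account already exists, please log in"}
    create_account(email, password)
    return {"redirect": "/account", "session_for": email}


def signup_fixed(email, password, share_code=None):
    """Hardened: existence is checked before anything else, and the referral
    code only attributes the new sign-up; it never decides who gets a session."""
    if email in USERS:
        return {"error": "account already exists, please log in"}
    create_account(email, password)
    if share_code in VALID_SHARE_CODES:
        USERS[email]["referred_by"] = share_code
    return {"redirect": "/account", "session_for": email}
```

The general rule the fix applies: any parameter a client can supply (referral code, invite token, "new user" flag) must never replace the server-side check of whether the identity already exists.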

  • August 20, 2018 — Bug reported
  • August 20, 2018 — Bug triaged
  • August 22, 2018 — Bounty rewarded: $700
  • August 23, 2018 — Report resolved

Mostafa Mamdoh

I’m a Penetration Tester, Bug Hunter @ HackerOne