Got Nice catch by Google

Missing State Parameter
  1. Open Redirection
  2. OAuth CSRF

  1. Always try to achieve higher impact and chain multiple bugs
  2. Always read the scope carefully. Always, always, always (otherwise no bounty)
  3. Never give up


Security researcher who loves to find bugs

Parth Desani
