Indian developer awarded $30,000 for finding this Instagram bug - Sourin Mitra & Teams Blog

Breaking

{ads}

Wednesday 16 June 2021

Indian developer awarded $30,000 for finding this Instagram bug

An Indian developer has been awarded a bounty of $30,000 by Instagram for flagging a bug that could allow any to view archived posts, Stories, Reels and IGTV without following the user — when the profile of the former is private. The Indian developer, Mayur Fartade, detailed the issue in a post on Medium. He said this bug could allow a potential attacker to “to regenerate valid cdn url of archived stories and posts. Also by brute-forcing Media ID’s, the attacker was able to store the details about specific media and later filters which are private and archived.”

via ©Times Of India

No comments:

Post a Comment