价值$5000美金的Facebook封闭小组成员列表泄漏漏洞
根据https://www.facebook.com/help/220336891328465所写,只有当前成员可以看到封闭小组的成员列表。
根据https://www.facebook.com/help/220336891328465所写,只有当前成员可以看到封闭小组的成员列表。
Join Unofficial Facebook Bug Bounty Group https://www.facebook.com/groups/bugbountygroup/
Description This bug could have let a malicious page analyst modify the availability of an item put up for sale by the page in a group linked to the page.
Description There is a call to add member as the moderator on a group. The call at the time didn’t seem to have any authorisation checks to page roles. A pag...
I find that a company implements cross-domain authentication using JSONP and cookies.There is the login flow: ``` GET /api/cross/getsign?callback=test HTTP/1...