Facebook IDOR bug in GraphQL

Apr 29, 2019Channel
AI Analysis
Data from YouTube Data API v3Updated Just now

Video Overview

Video Details

PublishedApr 29, 2019
Duration1:48
Video IDlY_5FHhRVko
Languagear
CategoryScience & Technology
PrivacyPublic
Made for KidsNo
Video TypeRegular Video

Performance Metrics

Views11.9K
Likes290
Comments76
Engagement Rate3.07%
Likes per 100 views2.43
Comments per 1K views6.37

Description

Acknowledged by "FaceBook" Security Team Today in Amman, Jordan Got acknowledged by Facebook Security Team After discovering a security issues in a "portal" store "https://portal.facebook.com" A store dedicated to the sale of "Portal and Portal+" devices provided by Facebook recently. The vulnerability type "IDOR": allows any potential attacker to change the account settings for another user حصلت على أعتراف من الفريق الامني في شركه فيسبوك بعد أبلاغي عن خلل أمني متجر https://portal.facebook.com المخصص لبيع أجهزة الاتصال portal & portal+ التي وفرتها فيسبوك مؤخرا. نوع الثغره "IDOR" تسمح لأي مهاجم محتمل بتغير اعدادت الحساب لاي مستخدم اخر على خدمة https://portal.facebook.com PoC : https://youtu.be/lY_5FHhRVko HOF : https://web.facebook.com/whitehat/thanks/ Timeline: 10/10/2018 Me, Submitted Report 15/10/2018 FB, Need More Info and Sent a reply 18/10/2018 FB, Need More Info and Sent a reply 22/10/2018 FB, Reproduce my report 25/10/2018 FB, Report Triaged 07/11/2018 Me, Ask any update? 14/12/2018 Me, Ask Any Update? 25/01/2019 Me, Ask Any Update? 26/02/2019 Me, Ask Any Update? 26/02/2019 FB, Apologize to daley!! 01/03/2019 Me, ask any update? 15/04/2019 Me, ask any update? 15/04/2019 FB, Issue Fixed and confirm 29/04/2019 FB, bounty awrded

Related Videos

More videos from Update - أب ديت