Security Finding
@Binance Square Official @Daniel Zou (DZ) 🔶 Discovered potential IDOR/information disclosure in Binance Creatorpad leaderboards.
URL pattern:
/creatorpad/{project}global/leaderboard
Simply changing {project} (dusk→xpl→vanar etc.) reveals different project leaderboards without access control checks.
🔓 Risk: Unauthorized access, project enumeration, early data exposure.
#Cybersecurity #BinanceSecurity #WebSecurity #IDOR
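
A server-side check that addresses the three risks listed above, as an added example that is not part of the original post and not Binance code. It assumes a policy where a leaderboard is public only after a publish time and visible earlier only to listed members; the slugs, user ids, data and the function name get_leaderboard are constructed placeholders.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class Project:
    slug: str
    publish_at: datetime                        # leaderboard is public from this time
    members: set = field(default_factory=set)   # user ids allowed to view before publish


# Constructed sample data (placeholders, not real projects or users).
PROJECTS = {
    "alpha": Project("alpha", datetime(2025, 1, 1, tzinfo=timezone.utc)),
    "beta": Project("beta", datetime(2099, 1, 1, tzinfo=timezone.utc), {"u42"}),
}
LEADERBOARDS = {"alpha": [("alice", 910)], "beta": [("bob", 120)]}

NOT_FOUND = (404, {"error": "not found"})


def get_leaderboard(slug, user_id=None, now=None):
    """Return (status, body) for a leaderboard request.

    The slug taken from the URL is untrusted input: it only selects a
    record, and a separate check decides whether this caller may see it.
    """
    now = now or datetime.now(timezone.utc)
    project = PROJECTS.get(slug.lower()) if isinstance(slug, str) else None
    if project is None:
        return NOT_FOUND
    published = now >= project.publish_at
    entitled = user_id is not None and user_id in project.members
    if not (published or entitled):
        # Same response as for an unknown slug, so the reply does not
        # confirm that an unpublished project exists.
        return NOT_FOUND
    return 200, {"project": project.slug, "rows": LEADERBOARDS[project.slug]}
```

Returning the identical 404 for "does not exist" and "not yet visible to you" is what closes the enumeration and early-exposure paths; a 403 on the second case would still confirm the slug is valid.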