writeups.xyz / Bypassing CORS configurations to produce an Account Takeover for Fun and Profit

Submitter : c2a

Date: 13 February 2023

Bounty : undisclosed

Vulnerabilities :

• CORS Misconfiguration
• Account Takeover

Programs :

• Undisclosed

Authors :

• Josh Fam (@Pullerze)

Link :
https://pullerjsecu.medium.com/bypassing-cors-configurations-to-produce-an-account-takeover-for-fun-and-profit-3e50c3f2a124