writeups.xyz / Client side validation strikes again: PIN code bypass !

Submitter : c2a

Date: 22 December 2018

Bounty : undisclosed

Vulnerabilities :

• Client-Side Enforcement of Server-Side Security
• Authentication Bypass
• Broken Authorization

Programs :

• Netflix
• Linxo

Authors :

• Davy (@RandoriSec)

Link :
http://blog.randorisec.fr/client-side-validation/