writeups.xyz / Gaining access to Uber's user data through AMPScript evaluation

Submitter : c2a

Date: 14 January 2019

Bounty : 23,000

Vulnerabilities :

• AMPScript Injection

Programs :

• Uber

Authors :

• Shubham Shah (@Infosec_au)

Link :
https://blog.assetnote.io/bug-bounty/2019/01/14/gaining-access-to-ubers-user-data-through-ampscript-evaluation/