writeups.xyz / Stealing User’s PII info by visiting API endpoint directly

Submitter : c2a

Date: 16 November 2020

Bounty : 500

Vulnerabilities :

• Information Disclosure
• Logic Flaw

Programs :

• Undisclosed

Authors :

• Kunal Pandey (@Kunalp94)

Link :
https://web.archive.org/web/20201116060315/https://medium.com/@kunal94/stealing-users-pii-info-by-visiting-api-endpoint-directly-5062e0147f67