Hello guys, Hope all are doing good. I’m Abhisek,here a small write up on CSRF vulnerability I found in a Bug Bounty program. Don’t worry new people, Its beginner friendly.
Since I’m not supposed to disclose the site, Let’s take redacted[dot]com as our target. Okay, moving ahead.
First of all, What does Cross-Site Request Forgery (CSRF) mean? On simple words. It is kind of a one click attack, where a malicious request is submitted by the victim without his/her knowledge which may lead to occurrence of sensitive actions. If you like to learn more 😃 Follow the link ➡ CSRF
…
Recently I was been working on Facebook Whitehat program and I wanted to explain a bug which I found — OPEN REDIRECT
Hey, hope all are good. I’m Abhisek here
Disclaimer: This is for educational purposes only. I’m not in any way liable for any misuse.
When I was looking for low hanging bugs on Facebook, open redirect was the one which attracted me. So quickly launched Facebook and looked the requests sent during the process of redirection.
Cyber Security Researcher, Love your passion HACKING :)