I Could Have Hacked All Uber Accounts- But I Chose to Report it Instead

Written by appsecure | Published 2019/09/13
Tech Story Tags: uber | bug-bounty | api | bounty | latest-tech-stories | hacked-all-uber-accounts | hacked-uber-accounts | getting-user-of-uuid-uber-user

TLDR This is being published with the permission of Uber under the responsible disclosure policy. The vulnerability detailed in this blog post is being disclosed by Anand Prakash of AppSecure. This was plugged quickly by the security team at Uber. This issue is similar to Facebook’s access token leak which was discovered last year https://techcrunch.com/2018/09/28/facebook-says-50-million-accounts-affected-by-account-takeover-bug/via the TL;DR App
no story
Written by appsecure | Founder PingSafe.
Published by HackerNoon on 2019/09/13
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy