Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Authentication Bypass on Uber’s Single Sign-On via Subdomain Takeover
(
arneswinnen.net
)
11 points
by
louis-paul
on July 12, 2017
|
hide
|
past
|
favorite
|
2 comments
eterm
on July 13, 2017
[–]
I find it concerning that the original report apparently "fell through the cracks" and had to be chased up with Uber.
breakingcups
on July 13, 2017
|
parent
[–]
And somehow they did reward it with a $500 bounty before it fell through the cracks, and a $4500 bounty after it was rediscovered.
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
