Alhamdulillah, I was awarded a $1,000 bounty on @Hacker0x01! #Bug: unauthorized access #TogetherWeHitHarder #hackerone #bugbounty

@MiniMjStar @Hacker0x01 actually kind of same but fetched data from a feature called planning console

@kingcoolvikas @Hacker0x01 yes

@MiniMjStar @Hacker0x01 I was trying access control issues so I was collecting endpoints. Then I got a GET request which wasn't vulnerable then I changed it to POST & mistakenly made the request with user old session then I got the issue. So, here the POST request was vulnerable to unauthenticated acces

Alhamdulillah, I was awarded a $1,350 bounty on @Hacker0x01! #Bug: Access control 🔥 #Tips: find out api endpoints from admin account then try to access them from low privilege user account #TogetherWeHitHarder #hackerone #bugbountytips #bugbounty

@x0xHasan @Hacker0x01 Je kono ekta issue te nijer mindmap ta onek strong kor

@badhacker0x1 @Hacker0x01 Keep hunting sir...paiya jaiba🥹

@L3onid1s @Hacker0x01 Me your big fan sir 🥹🙏

@KaafUzair @Hacker0x01 🙏

@0xraselrana @Hacker0x01 Big fan of your sir🥹

@AbdAderoju @Hacker0x01 @L3onid1s Thanks bro❤️

@L3onid1s @Meta Jhut maat bonla sir...pap lage ga pap🥹

@L3onid1s @Meta No sir🥹me learning hamking from you🫡🫡

@L3onid1s @Meta Meri Guruji🥹🫡

@L3onid1s @Hacker0x01 Areh meri guruji big fan of you sir🥹🫡

@Proxy936623 @Hacker0x01 @L3onid1s Thanks bro

@being__aman @Hacker0x01 @L3onid1s Private program bro

@shakti_sec @Hacker0x01 @L3onid1s Thanks bro ❤️