This time I have for you more than one bug bounty report. There are three reports in total, but all of them affect the same functionality and are closely related. They led to an authentication bypass and account takeovers on Shopify by exploiting the email confirmation flow.

Report links:

00:00 Intro
00:33 Verifying someone’s email address
01:28 Exploiting the email confirmation vulnerability
02:06 First fix
03:50 Limited impact and third report
05:20 Escalating the impact

#auth #bypass #shopify #hackerone #ato #account #takeover