An Easy $25 Bug.

Navneet
Dec 12, 2019 · 1 min read

This post is about a security bug I found in one of the bug bounty programs. It was very easy to find, was accepted by the company, and earned a $25 bounty.


I was exploring the programs at openbugbounty.org when I came across a website that has a responsible disclosure policy, so I decided to look for bugs on that website.

After logging in, I noticed a button that allows a user to delete his/her account. That gave me the idea to test for “failure to invalidate session after deletion of account”.


So I looked for another domain of the website that uses the same credentials for login, and luckily I found one.

The functionality/flow was like this:

  • The user logs in at accounts.SomeWebsite.com.
  • Then the user also logs in at forums.SomeWebsite.com with the same credentials.
  • Now the user deletes the account from accounts.SomeWebsite.com.
  • The session at forums.SomeWebsite.com is still usable: the deleted user can still post comments and perform other functionality.
  • I also tried it with two different browsers: log in on both domains from both browsers, delete the account from one browser and close it. The session in the other browser was still usable.
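To make the defect concrete, here is a small added model of the flow above (example code, not anything from the original post or the affected site). Two subdomains share one user directory but keep their own session tables; the names `accounts`, `forums` and the user `alice` are constructed for the example. The vulnerable deletion only clears the session on the subdomain where it was requested, while the fixed deletion revokes every session registered for the user and the service re-checks that the account still exists.

```python
# Added example, not code from the original post: a minimal model of the bug above.
# Two subdomains share one user directory but keep separate session tables.
import secrets

USERS = set()                 # shared identity provider: which accounts exist
SESSIONS = {}                 # service name -> {token: user}
SESSIONS_BY_USER = {}         # user -> {(service, token)}: needed to revoke everywhere

def login(service, user):
    """Issue a session on one subdomain and register it centrally for later revocation."""
    if user not in USERS:
        raise PermissionError("unknown user")
    token = secrets.token_hex(16)
    SESSIONS.setdefault(service, {})[token] = user
    SESSIONS_BY_USER.setdefault(user, set()).add((service, token))
    return token

def is_authenticated(service, token, recheck_user):
    """recheck_user=False models a service that trusts its local cookie table alone."""
    user = SESSIONS.get(service, {}).get(token)
    if user is None:
        return False
    return user in USERS if recheck_user else True

def delete_account_vulnerable(service, token):
    """The flaw from the post: only the requesting subdomain's session is dropped."""
    user = SESSIONS[service].pop(token)
    USERS.discard(user)

def delete_account_fixed(service, token):
    """Revoke every session issued to the user on every subdomain, then delete."""
    user = SESSIONS[service][token]
    for svc, tok in SESSIONS_BY_USER.pop(user, set()):
        SESSIONS.get(svc, {}).pop(tok, None)
    USERS.discard(user)

def forum_session_survives_deletion(fixed):
    """Replay the flow from the post; True means the forums session is still usable."""
    USERS.clear(); SESSIONS.clear(); SESSIONS_BY_USER.clear()
    USERS.add("alice")                       # constructed sample account
    acc_tok = login("accounts", "alice")
    forum_tok = login("forums", "alice")
    if fixed:
        delete_account_fixed("accounts", acc_tok)
    else:
        delete_account_vulnerable("accounts", acc_tok)
    # Even if a stale table were left behind, the fixed service re-validates the user.
    return is_authenticated("forums", forum_tok, recheck_user=fixed)
```

The two-browser case from the last step is the same situation: both browsers hold separate tokens for the same user, and only central revocation reaches the one on the other browser.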

I submitted the report thinking it would not be accepted, but I gave it a try and they accepted it, fixed it and paid $25. A few days ago I found the same issue on another of their domains and got another $25. So it is now “An Easy $50 Bug”.

Feedback and comments are welcomed.

    Written by Navneet

    I am a Computer Science - Information Security student.
