Hey UserID x, what’s your secret token? Broken API enables me to leak/modify any users personal information

Sean (zseano)
Jul 13, 2017 · 3 min read

Sean (zseano)

Written by

UK WebApp Security Researcher. Creator of https://www.bugbountynotes.com/ — designed to help people learn and get involved with hacking.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade