Full Disclosure mailing list archives
Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability
From: Julius Kivimäki <julius.kivimaki () gmail com>
Date: Fri, 13 Feb 2015 08:41:19 +0200
Even though deleting everything is kind of a big deal, it still does not get you anywhere near that CVSS score. Here's my very generous calculator inputs: http://puu.sh/fQVB5/76c526ed5d.png _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Vulnerability Lab (Feb 11)
- Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Scott Arciszewski (Feb 11)
- Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Alfie John (Feb 12)
- Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Julius Kivimäki (Feb 12)
- Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Alfie John (Feb 12)
- Re: Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability Scott Arciszewski (Feb 11)