Instagram Photo Upload and Flattr Money Redirection Vulnerability

Published in:

Bugtraq mailing list

 

Excerpt:

We discovered two new security flaws in Instagram.

With these vulnerabilities Mallory is able to upload photos into Alice’s account and, much more significant, steal money if Alice linked her Instagram account to Flattr. Normally this feature provides the ability for Alice to flattr the photos she „likes“. The fact that Mallory can „like“ photos in Alice’s name gives her the ability to flattr content in the name of Alice. Mallory can now create her own Instagram account, link it with her Flattr, upload random photos and flattr these photos with Alice’s Instagram account to get money from her…

More information

Um unsere Webseite für Sie optimal zu gestalten und fortlaufend verbessern zu können, verwenden wir Cookies. Durch die weitere Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu.