Instagram Android App Security Vulnerabilities

Published in:

Bugtraq mailing list


After the Instagram iOS vulnerability discovered last year, the app’s HTTP API has been extended with a cryptographic authentication for changes like “likes” and deletes. However, the implementation of this authentication is flawed in two ways, making it possible to “like” or delete pictures in the name of another user, once his credentials have been sniffed over plain-text HTTP…

More information

Diese Website verwendet nur ein technisch notwendiges Cookie (zur Speicherung der Kenntnisnahme dieser Meldung) und sonst keine weiteren. Weitere Informationen finden Sie in unserer Datenschutzerklärung.