Instagram Photo Upload and Flattr Money Redirection Vulnerability

Published in:

Bugtraq mailing list

 

Excerpt:

We discovered two new security flaws in Instagram.

With these vulnerabilities Mallory is able to upload photos into Alice’s account and, much more significant, steal money if Alice linked her Instagram account to Flattr. Normally this feature provides the ability for Alice to flattr the photos she “likes”. The fact that Mallory can “like” photos in Alice’s name gives her the ability to flattr content in the name of Alice. Mallory can now create her own Instagram account, link it with her Flattr, upload random photos and flattr these photos with Alice’s Instagram account to get money from her…

More information

Diese Website verwendet nur ein technisch notwendiges Cookie (zur Speicherung der Kenntnisnahme dieser Meldung) und sonst keine weiteren. Weitere Informationen finden Sie in unserer Datenschutzerklärung.