On 27 Sep 2020 I was planning to do nothing. I was feeling lazy, but I got bored just lying in my bed, so I decided to start hunting some bugs with my laptop.
I was looking at some programs on Bugcrowd and came across the Moneytree Bug Bounty Program. There are many in-scope domains, so I decided to start looking for vulnerabilities on these domains.
I came across this domain:
https://myaccount-staging.getmoneytree.com/
Then I registered a new account. After registering, I logged into the website using my registered account and saw an access_token in the URL:
https://app-staging.getmoneytree.com/#access_token=[Token]&token_type=bearer&expires_in=3600&client_id=[Client ID]&continue=%2Fapp%2Ftrends%2Fnet-worth&locale=en&configs=sdk_platform%3Djs%3Bsdk_version%3D1.3.0
A Session Fixation vulnerability crossed my mind, so I copied the full URL and saved it in Sublime Text.
After that I cleared my browser history and pasted the full URL into my browser to see whether I had a Session Fixation vulnerability, and it was vulnerable! Woah!
I quickly reported the vulnerability through the Moneytree Bug Bounty Program at Bugcrowd.
On 29 Sep 2020 12:00 (GMT +7) I got an email notification that my report had previously been reported on 10 Feb 2020 21:06:43 (GMT +7). I started to ask why the vulnerability hadn't been fixed after 7 months. Hmm, whether the developer was too lazy to fix it or maybe there's something else. But it's OK.
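One client-side way to handle a token delivered in the URL fragment like the one above, as an added example (not code from this post or from Moneytree): it keeps the token in memory and rewrites the address bar so the token is no longer left in the URL or browser history. The function names and the sample URL are constructed; only the parameter names come from the URL shown in the post.

```javascript
// Added example. Parameter names are taken from the URL in the post;
// function names, host and token values below are constructed.
const SENSITIVE = ['access_token', 'token_type', 'expires_in'];

// Constructed sample input in the same shape as the URL in the post.
const SAMPLE_URL = 'https://app.example.test/#access_token=CONSTRUCTED_TOKEN' +
  '&token_type=bearer&expires_in=3600&client_id=CONSTRUCTED_CLIENT' +
  '&continue=%2Fapp%2Ftrends%2Fnet-worth&locale=en';

// Split the URL into the credential (kept in memory only) and a cleaned URL
// that is safe to leave in the address bar, history and copied links.
function consumeTokenFragment(href, nowMs = Date.now()) {
  const url = new URL(href);
  const params = new URLSearchParams(url.hash.replace(/^#/, ''));
  const token = params.get('access_token');
  if (!token) return { token: null, expiresAt: null, cleanUrl: url.href };

  const ttl = Number.parseInt(params.get('expires_in') ?? '', 10);
  // A missing or malformed lifetime is treated as already expired (fail closed).
  const expiresAt = Number.isFinite(ttl) && ttl > 0 ? nowMs + ttl * 1000 : nowMs;

  for (const name of SENSITIVE) params.delete(name);
  const rest = params.toString();
  url.hash = rest ? `#${rest}` : '';
  return { token, expiresAt, cleanUrl: url.href };
}

// Client-side check only; the server must enforce the same expiry.
function isUsable(session, nowMs = Date.now()) {
  return Boolean(session.token) && nowMs < session.expiresAt;
}

// In a browser, run this first so the token never stays in the visible URL.
if (typeof window !== 'undefined' && typeof history !== 'undefined') {
  const session = consumeTokenFragment(window.location.href);
  history.replaceState(null, '', session.cleanUrl);
}
```

Scrubbing the URL only limits where the token is exposed; a copy of the token that has already left the browser stays valid until the server expires or revokes it.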
Here’s the PoC video :
Timeline:
27 Sep 2020 - Initial Report
29 Sep 2020 - Duplicate

Thanks for reading my story, I hope you enjoy it. See you on the next story ☺️☺️
Follow me on :
Facebook : https://fb.me/novan.rmd123
Instagram : https://instagram.com/novan.rmd
Twitter : https://twitter.com/novan_rmd