Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
5287My Experience with the PayPal Bug Bounty Programme CSRF Paypal Jack Whitton (@fin1te) Bug Bounty2012-10-122023-06-13
5285Persistent XSS on myworld.ebay.com XSS Ebay Jack Whitton (@fin1te) Bug Bounty2013-01-272023-06-13
5284Framing, Part 1: Click-Jacking Etsy Clickjacking Etsy Jack Whitton (@fin1te) Bug Bounty2013-02-052023-06-13
5281Stealing Facebook Access Tokens with a Double Submit CSRF OAuth Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-04-132023-06-13
5279Overwriting Banner Images on Etsy Authorization flaw Etsy Jack Whitton (@fin1te) Bug Bounty2013-05-212023-06-13
5278Hijacking a Facebook Account with SMS Authorization flaw Account takeover Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-06-262023-06-13
5271Removing Covers Images on Friendship Pages, on Facebook Authorization flaw Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-09-252023-06-13
5268Content Types and XSS: Facebook Studio XSS Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-10-212023-06-13
5264Instagram%27s One-Click Privacy Switch CSRF Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2013-10-312023-06-13
5260Abusing CORS for an XSS on Flickr XSS Flickr Jack Whitton (@fin1te) Bug Bounty2013-12-122023-06-13
5215Bypassing Google Authentication on Periscope%27s Administration Panel Authentication bypass Google Jack Whitton (@fin1te) Bug Bounty2015-07-202023-06-13
5198An XSS on Facebook via PNGs & Wonky Content Types XSS Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2016-01-272023-06-13
5189Uber Bug Bounty: Turning Self-XSS into Good-XSS XSS Uber Jack Whitton (@fin1te) Bug Bounty2016-03-222023-06-13
5186Obtaining Login Tokens for an Outlook, Office or Azure Account CSRF Microsoft Jack Whitton (@fin1te) Bug Bounty2016-04-032023-06-13
5153Messenger.com Site-Wide CSRF CSRF Meta / Facebook Jack Whitton (@fin1te) Bug Bounty2016-07-262023-06-13