Access to some Slack workspace metadata and settings available to unauthorized parties
S
Slack
Submitted None
Team Summary
Official summary from Slack
In April 2016, @secalert alerted us to a vulnerability which may have allowed access to some Slack workspace metadata and settings to unauthorized parties. We implemented an initial fix within minutes, and a complete fix within two weeks. Nothing further is required from users to be protected. Thank you to @secalert for finding this!
Actions:
Reported by
secalert
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$7000.00
Submitted
Weakness
Improper Authentication - Generic