Open Aws Amazon S3 Buckets
Medium
M
Mapbox
Submitted None
Team Summary
Official summary from Mapbox
Security researcher @saad_ahmed reported two Mapbox owned S3 buckets with `public-read` ACL. One of these, `mapbox-js`, was `public-read` by design, the other however was not and subsequently was switched to a `private` ACL. Thank you again @saad_ahmed, we appreciate you keeping Mapbox security in mind.
Actions:
Reported by
saadahmedx
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$500.00
Submitted
Weakness
Improper Authentication - Generic