Private and group tokens per minute endpoint active for disabled users
Low
C
Chaturbate
Submitted None
Team Summary
Official summary from Chaturbate
The hacker found that the private and group show rate endpoints where still active when an account was disabled. This was resolved. The endpoints only disclosed the rate for these shows.
Actions:
Reported by
encrypt
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$150.00
Submitted
Weakness
Improper Access Control - Generic