Manipulation of exam results at Semrush.Academy
Medium
S
Semrush
Submitted None
Team Summary
Official summary from Semrush
The researcher was able to bypass the exam process. By replacing the exam results with the correct ones, as the body of the request was JSON. After sending the request with the correct results, the researcher received a certificate.
Actions:
Reported by
r0hack
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Business Logic Errors