Leak of authorization urls leads to account takeover
B
Bumble
Submitted None
Team Summary
Official summary from Bumble
The researcher was able to pass verification to another account by finding confirmation data in response from the server.
Actions:
Reported by
0x3c3e
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Violation of Secure Design Principles