Published inLegionHuntersHow I Found an Authentication Bypass in a Dev EnvironmentThis writeup is about how I found an authentication bypass during one of my bug bounty sessions.Apr 7Apr 7
Account Takeover via postMessageThis write-up is about how I found that one line of JavaScript code was leading to an account takeover. The target has its own bug bounty…Mar 111Mar 111
