The scope of Uber's bug bounty program was updated after this report was submitted so that does not count.
At the time of the exploit, there was only one check, the MX record. Also once I claimed the domain, another user cannot claim it from their account. So this could be exploited silently as well because the victimized…
Hi thank you for the post. If anyone has question, feel free to reach out to me here or at uranium@uraniumhacker.tech. As a writer of this blog, I will be able to provide the feedback necessary and clear any…
The scope of Uber's bug bounty program was updated after this report was submitted so that does not count.
At the time of the exploit, there was only one check, the MX record. Also once I claimed the domain, another user cannot claim it from their account. So this could be exploited silently as well because the victimized…
Hi thank you for the post. If anyone has question, feel free to reach out to me here or at uranium@uraniumhacker.tech. As a writer of this blog, I will be able to provide the feedback necessary and clear any…