The second report is closed as informative that means it's not a valid bug. for this to be impactful the attacker has to redirect the user to his malicious page than steal those tokens using the Referer header from the victim request.
@@Medusa0xf If you take a look again at the report you will see that it's closed as informative that means it's not a vulnerability, as he didn't show a real exploit senario, and it's not vulnerable to man-in-the-middle attack because it's secured as https method. Btw are you active on hackerone?
Médusa you’re just the best. Your explanations of complex processes are second to none. Please keep up with this series. This is a real gem 💎
Means a lot 💚
The time it'd have taken to edit this, goddamn. Keep up the content meds.
Thanks ❤
Wow ❤nice explanation
Thanks!
i really like this type of video really cool keep it like this simple and give us examples thank u
glad!
Nice explanation ❤
Hope it helped!
Great content ❤
thank you!
شكرا؟ = thanks
🤩
The second report is closed as informative that means it's not a valid bug. for this to be impactful the attacker has to redirect the user to his malicious page than steal those tokens using the Referer header from the victim request.
that's another case in itself 😄
@@Medusa0xf If you take a look again at the report you will see that it's closed as informative that means it's not a vulnerability, as he didn't show a real exploit senario, and it's not vulnerable to man-in-the-middle attack because it's secured as https method.
Btw are you active on hackerone?
i love your voice