Friday, November 13, 2015

Stored XSS in Parse (Bug Bounty)

I found a Stored Cross Site Scripting vulnerability in Parse, a Facebook Acquisition. The Stored XSS was located in the App dashboard. I have reported it to Facebook and have rewarded me with a $1000 bounty and I was also listed in their "Whitehat List" for the year 2015. The issue was fixed by the Facebook security team. Here is the video for more details. 
WhiteHat list:





No comments:

Post a Comment