Hacker News new | ask | show | jobs
GitHub Access Token Exposure (hackerone.com)
1 points by Pyrobyte 793 days ago
2 comments
skilled 793 days ago
Title is misleading and it should have (2021) in it too.

Relevant,

Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopify software repos (https://www.theregister.com/2021/07/27/shopify_bug_bounty_pa...)

link
Pyrobyte 793 days ago
Yes sorry I saw it and literally clicked the share button to hacker news so I expected it to follow the right submission rules
link
Pyrobyte 793 days ago
Just a pretty nice exploit, he got paid 50,000 as a bounty for a simple piece of code with critical impacts.
link