|
|
|
|
|
|
by meowface
4655 days ago
|
|
|
He did not exploit a software flaw or a platform flaw, however he exploited an information disclosure / access separation EXPOSURE. Exploiting just means "taking advantage of something." He did exploit the fact that AT&T did not make the endpoint in question accessible only if the logged-in user matched the actual user ID (or just made it entirely inaccessible). |
|
|