-
-
图片分享站点Pinterest爆漏洞,威胁数千万用户隐私
-
发表于:
2013-8-27 16:59
1223
-
图片分享站点Pinterest爆漏洞,威胁数千万用户隐私
新闻链接:
0ddK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3k6J5k6h3g2T1N6h3k6Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6i4N6K6i4K6u0r3x3e0t1H3x3e0c8Q4x3X3g2Z5N6r3#2D9
新闻时间: 2013-08-26
新闻正文:
interest是全球最大的图片社交分享网站,日前,国外安全研究员Dan Melamed发现Pinterest的一个安全漏洞,可能暴露该站的数千万用户的信息。Dan Melamed通过测试发现,该漏洞可以让黑客在Pinterest查看任意用户的电子邮件地址,如下URL:
c74K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6S2M7r3W2Q4x3X3g2H3K9h3&6@1k6i4u0W2M7%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6$3x3#2)9J5c8Y4g2K6k6i4u0K6i4K6u0r3L8h3g2Q4x3V1k6Q4x3@1k6S2j5$3y4W2M7%4y4Q4y4h3k6@1L8$3E0W2L8W2)9K6c8p5#2f1f1i4A6y4g2q4W2%4e0h3A6G2P5V1&6f1j5%4S2a6g2p5f1#2e0W2c8q4x3V1#2p5f1i4W2z5K9X3y4^5e0Y4A6U0y4V1#2F1N6%4S2y4P5X3x3K6e0f1c8k6y4p5!0p5e0i4W2a6K9V1q4@1e0q4c8q4x3R3`.`.
ZWJjNDg4NzYxYTFmZWIwZmU0ODcxYzc3ZWUyN2E2YTdhOWNlN2I=替换/me/中间的用户名,可以查看其他用户的电子邮件地址,如下面替换成Pinterest用户
8bdK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6S2M7r3W2Q4x3X3g2H3K9h3&6@1k6i4u0W2M7%4c8Q4x3X3g2U0L8$3#2Q4x3V1k6$3x3#2)9J5c8Y4g2K6k6i4u0K6i4K6u0r3M7r3W2F1N6r3g2J5k6i4y4@1i4K6u0r3i4K6y4r3j5h3y4U0k6i4y4K6i4K6g2X3N6r3!0C8k6h3&6Q4x3@1c8y4g2q4q4*7e0g2c8k6N6@1#2B7L8%4A6z5g2r3y4^5e0#2c8q4y4f1&6f1c8e0u0y4c8q4q4&6e0X3A6U0P5p5&6*7j5K6k6y4L8Y4N6^5e0i4A6U0x3@1#2p5h3e0c8a6c8p5#2&6e0$3A6m8N6p5I4f1c8e0u0K9g2@1A6B7e0V1c8Y4y4p5&6*7h3i4S2k6g2p5k6E0h3W2N6u0N6#2A6E0g2e0m8a6c8r3y4^5h3i4A6U0x3#2A6i4g2i4W2z5x3V1f1J5h3g2c8V1K9p5!0i4e0X3I4z5x3V1W2Q4x3@1c8p5j5h3^5`. Melamed表示,Pinterest反应速度还是非常快的,该漏洞已经修复,并且在Pinterest Heroes List页面上感谢了Dan Melamed。
转载请注明出自: FreebuF.COM
[培训]科锐逆向工程师培训第53期2025年7月8日开班!
