{"id":1157,"date":"2022-06-18T13:40:59","date_gmt":"2022-06-18T13:40:59","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=1157"},"modified":"2024-06-30T13:59:14","modified_gmt":"2024-06-30T13:59:14","slug":"facebook-rewards-49500-for-critical-bug-on-the-instagram-app","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/","title":{"rendered":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP"},"content":{"rendered":"<div class=\"c7f5092f831f91fb6af859cc3a8052cc\" data-index=\"4\" style=\"float: none; margin:10px 0 10px 0; text-align:center;\">\n<script async src=\"https:\/\/securepubads.g.doubleclick.net\/tag\/js\/gpt.js\"><\/script>\r\n<script>\r\n  window.googletag = window.googletag || {cmd: []};\r\n  googletag.cmd.push(function() {\r\n    googletag.defineSlot('\/22608490431\/iklan1', [[320, 100], [300, 50]], 'div-gpt-ad-1696178236578-0').addService(googletag.pubads());\r\n    googletag.pubads().enableSingleRequest();\r\n    googletag.enableServices();\r\n  });\r\n<\/script>\r\n<!-- \/22608490431\/iklan1 -->\r\n<div id='div-gpt-ad-1696178236578-0' style='min-width: 300px; min-height: 50px;'>\r\n  <script>\r\n    googletag.cmd.push(function() { googletag.display('div-gpt-ad-1696178236578-0'); });\r\n  <\/script>\r\n<\/div>\n<\/div>\n<h2>What is IDOR\/Broken Access-Control Vulnerability ?<\/h2>\n<p>Hey there, have you heard about <strong>IDOR or Broken Access Control<\/strong> vulnerability? No worries if you haven&#8217;t, let me explain it to you in simple terms. Basically, it&#8217;s a security issue that happens when an application doesn&#8217;t have proper checks and controls in place to prevent unauthorized access to data. This means that a hacker might be able to access sensitive information they shouldn&#8217;t be able to, like your personal information or even your bank account details.<\/p>\n<p>Developers need to make sure that access controls are set up properly and that object IDs aren&#8217;t predictable. This will make it much harder for attackers to get into the system and keep our data safe. So, it&#8217;s important for developers to take this issue seriously and make sure they&#8217;re doing everything they can to protect our information.<\/p>\n<p>&nbsp;<\/p>\n<h2>The Story<\/h2>\n<p><em><a href=\"https:\/\/secry.me\/explore\/m131\"><strong>Neeraj Sharma<\/strong><\/a>, a 20-year-old security enthusiast from India, found a<strong> critical bug<\/strong> on <strong>Instagram<\/strong> and received <strong>$49,500<\/strong> from <strong>Facebook<\/strong>. The vulnerability was related to the editing of reel cover photos, in which an attacker could change the reel thumbnails of any Instagram user by knowing their clips_media_id (Media ID of the reel).<\/em><\/p>\n<p>Neeraj started hunting on the Instagram app in December 2021, initially testing on Instagram Ads GraphQL API.<\/p>\n<p>After a long search, he couldn&#8217;t find any bug, so he started searching on the Instagram reels section. After spending some time with the target, he found the point where users can edit their reels cover photo or thumbnail.<\/p>\n<p>To test the vulnerability, Neeraj changed his reel thumbnail and intercepted all the HTTP requests using burp. After forwarding some requests, he discovered a vulnerable endpoint: POST \/api\/v1\/media\/configure_to_clips_cover_image\/ HTTP\/2.<\/p>\n<p>The vulnerability allowed attackers to change reel thumbnails using specific HTTP requests. An attacker could have potentially exploited this bug to cause significant harm to Instagram users, including high-profile accounts, businesses, or even social media influencers.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Sharma<\/strong> Rewarded $49500<\/h3>\n<p>The bug was disclosed to Facebook&#8217;s Security Team, which confirmed the vulnerability and rewarded Neeraj with a <strong>$49,500 bounty<\/strong> for his efforts.<\/p>\n<p>The reward demonstrated Facebook&#8217;s commitment to maintaining security and the importance of independent security researchers in helping companies identify and address potential vulnerabilities.<\/p>\n<p>In conclusion, Neeraj Sharma discovered a critical bug in Instagram that could have had far-reaching consequences. Through his efforts, he received a significant reward from Facebook and helped improve security for all Instagram users.<\/p>\n<p>&nbsp;<\/p>\n<h3>How to Prevent IDOR\/Broken Access-Control Vulnerability?<\/h3>\n<p>To prevent IDOR (Insecure Direct Object Reference) and Broken Access Control vulnerabilities, follow these comprehensive steps:<\/p>\n<ol>\n<li><strong>Implement Role-Based Access Control (RBAC)<\/strong><br \/>\nRBAC helps limit user access by assigning roles based on their tasks, preventing unauthorized access.<\/li>\n<li><strong>Use a Proper Session Management System<\/strong><br \/>\nSession management systems ensure correct authentication and authorization, preventing unauthorized access to sensitive information.<\/li>\n<li><strong>Use Unique Identifiers for Objects<\/strong><br \/>\nSession management systems ensure correct authentication and authorization, preventing unauthorized access to sensitive information.<\/li>\n<li><strong>Implement Access Control Checks<\/strong><br \/>\nImplement access control checks at various points in the system to ensure that users can only access data and functionalities that they are authorized to. These checks should include input validation and sanitization to prevent attackers from tampering with inputs and accessing unauthorized data.<\/li>\n<li><strong>Limit the Use of Direct Object References<\/strong><br \/>\nLimit the use of direct object references by using indirect references or mapping tables to link objects to authorized users. This way, attackers cannot easily manipulate URLs to access unauthorized objects.<\/li>\n<li><strong>Use Encryption<\/strong><br \/>\nEncrypt sensitive data both in transit and at rest to prevent unauthorized access to data. This can be achieved by using secure protocols such as HTTPS and SSL\/TLS.<\/li>\n<\/ol>\n<p>IDOR and Broken Access Control vulnerabilities can be prevented by implementing proper access control checks, unique identifiers for objects, and RBAC. Limiting direct object references and using encryption can also help prevent these types of vulnerabilities.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Link to read full write up: <\/strong><em><a href=\"https:\/\/secry.me\/explore\/hvnq\">here<\/a><\/em><\/p>\n<p><strong>Save the PDF <\/strong><a href=\"https:\/\/secry.me\/explore\/pdf-story\/IDOR\/How%20I%20found%20a%20Critical%20Bug%20in%20Instagram%20and%20Got%2049500$%20Bounty%20From%20Facebook%20_%20by%20Neeraj%20Sharma%20_%20Jun,%202022%20_%20InfoSec%20Write-ups.pdf\"><em>here<\/em><\/a><\/p>\n<div id=\"urban_overlay\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban_overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven&#8217;t, let me explain it to you in simple terms. Basically, it&#8217;s a security issue that happens when an application doesn&#8217;t have proper checks and controls in place to prevent unauthorized access to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1158,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[136,116,461],"tags":[13,117,451,119,447],"class_list":["post-1157","post","type-post","status-publish","format-standard","has-post-thumbnail","category-bug-bounty","category-idor","category-meta-bug-bounty","tag-bug-bounty","tag-facebook","tag-facebook-bug-bounty","tag-instagram","tag-meta-bug-bounty"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY<\/title>\n<meta name=\"description\" content=\"What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven&#039;t,\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY\" \/>\n<meta property=\"og:description\" content=\"What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven&#039;t,\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2022-06-18T13:40:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-30T13:59:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\"},\"headline\":\"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP\",\"datePublished\":\"2022-06-18T13:40:59+00:00\",\"dateModified\":\"2024-06-30T13:59:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/\"},\"wordCount\":662,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/2.png\",\"keywords\":[\"Bug Bounty\",\"Facebook\",\"Facebook Bug Bounty\",\"instagram\",\"Meta Bug Bounty\"],\"articleSection\":[\"Bug Bounty\",\"IDOR\",\"Meta Bug Bounty\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/\",\"name\":\"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/2.png\",\"datePublished\":\"2022-06-18T13:40:59+00:00\",\"dateModified\":\"2024-06-30T13:59:14+00:00\",\"description\":\"What is IDOR\\\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven't,\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/2.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/2.png\",\"width\":1280,\"height\":720,\"caption\":\"hacker-rewarded-49000-dollar-by-facebook\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY","description":"What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven't,","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/","og_locale":"en_US","og_type":"article","og_title":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY","og_description":"What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven't,","og_url":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/","og_site_name":"SECRY","article_publisher":"https:\/\/www.facebook.com\/secry.me","article_published_time":"2022-06-18T13:40:59+00:00","article_modified_time":"2024-06-30T13:59:14+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png","type":"image\/png"}],"author":"Christin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Christin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#article","isPartOf":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/"},"author":{"name":"Christin","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f"},"headline":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP","datePublished":"2022-06-18T13:40:59+00:00","dateModified":"2024-06-30T13:59:14+00:00","mainEntityOfPage":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/"},"wordCount":662,"commentCount":0,"publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"image":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png","keywords":["Bug Bounty","Facebook","Facebook Bug Bounty","instagram","Meta Bug Bounty"],"articleSection":["Bug Bounty","IDOR","Meta Bug Bounty"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/","url":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/","name":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP | SECRY","isPartOf":{"@id":"https:\/\/secry.me\/explore\/#website"},"primaryImageOfPage":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#primaryimage"},"image":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png","datePublished":"2022-06-18T13:40:59+00:00","dateModified":"2024-06-30T13:59:14+00:00","description":"What is IDOR\/Broken Access-Control Vulnerability ? Hey there, have you heard about IDOR or Broken Access Control vulnerability? No worries if you haven't,","breadcrumb":{"@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#primaryimage","url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png","contentUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2022\/06\/2.png","width":1280,"height":720,"caption":"hacker-rewarded-49000-dollar-by-facebook"},{"@type":"BreadcrumbList","@id":"https:\/\/secry.me\/explore\/facebook-rewards-49500-for-critical-bug-on-the-instagram-app\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/secry.me\/explore\/"},{"@type":"ListItem","position":2,"name":"FACEBOOK REWARDS $49500 FOR CRITICAL BUG ON THE INSTAGRAM APP"}]},{"@type":"WebSite","@id":"https:\/\/secry.me\/explore\/#website","url":"https:\/\/secry.me\/explore\/","name":"SECRY","description":"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections","publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"alternateName":"Security Story","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/secry.me\/explore\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/secry.me\/explore\/#organization","name":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections","alternateName":"SECRY","url":"https:\/\/secry.me\/explore\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/","url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","contentUrl":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","width":512,"height":512,"caption":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections"},"image":{"@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/secry.me","https:\/\/pinterest.com\/secry_me"]},{"@type":"Person","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f","name":"Christin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","caption":"Christin"},"description":"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.","sameAs":["https:\/\/secry.me\/explore"],"url":"https:\/\/secry.me\/explore\/author\/secry\/"}]}},"_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/1157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=1157"}],"version-history":[{"count":28,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/1157\/revisions"}],"predecessor-version":[{"id":4664,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/1157\/revisions\/4664"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/1158"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=1157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=1157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=1157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}