{"id":4603,"date":"2024-06-20T08:14:11","date_gmt":"2024-06-20T08:14:11","guid":{"rendered":"https:\/\/secry.me\/explore\/?p=4603"},"modified":"2024-06-30T13:58:51","modified_gmt":"2024-06-30T13:58:51","slug":"meta-bug-bounty-oculus-account-takeover-vulnerability-discovered","status":"publish","type":"post","link":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/","title":{"rendered":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered"},"content":{"rendered":"<div class=\"c7f5092f831f91fb6af859cc3a8052cc\" data-index=\"4\" style=\"float: none; margin:10px 0 10px 0; text-align:center;\">\n<script async src=\"https:\/\/securepubads.g.doubleclick.net\/tag\/js\/gpt.js\"><\/script>\r\n<script>\r\n  window.googletag = window.googletag || {cmd: []};\r\n  googletag.cmd.push(function() {\r\n    googletag.defineSlot('\/22608490431\/iklan1', [[320, 100], [300, 50]], 'div-gpt-ad-1696178236578-0').addService(googletag.pubads());\r\n    googletag.pubads().enableSingleRequest();\r\n    googletag.enableServices();\r\n  });\r\n<\/script>\r\n<!-- \/22608490431\/iklan1 -->\r\n<div id='div-gpt-ad-1696178236578-0' style='min-width: 300px; min-height: 50px;'>\r\n  <script>\r\n    googletag.cmd.push(function() { googletag.display('div-gpt-ad-1696178236578-0'); });\r\n  <\/script>\r\n<\/div>\n<\/div>\n<h3>Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability<\/h3>\n<p><strong>Oculus Account Takeover<\/strong> &#8211; A critical security vulnerability was discovered by <a href=\"https:\/\/secry.me\/explore\/tag\/bug-hunter\/\">bug hunter<\/a> <a href=\"https:\/\/www.google.com\/search?q=Youssef+Sammouda\">Youssef Sammouda<\/a> on January 19, 2023, which potentially allowed malicious actors to steal access tokens and gain unauthorized access to Facebook and Oculus accounts. The vulnerability stemmed from the Oculus application&#8217;s use of a redirect URI, <em>auth.oculus.com\/login\/<\/em>, which was previously a valid endpoint for logging in to Oculus using Facebook accounts.<\/p>\n<p>However, after Oculus switched to using Meta Accounts for login, the endpoint would redirect to <em>auth.meta.com\/oidc\/<\/em> for login and then back to <em>auth.oculus.co<\/em>m. This change removed a crucial protection against <strong>token leakage<\/strong>, making it possible for an attacker to steal the access token and use it to access the victim&#8217;s Facebook and Oculus accounts.<\/p>\n<p>The bug hunter explained that the vulnerability was relatively simple to exploit. The attack involved tricking the victim into logging into their Meta account through a login CSRF, then redirecting them to a malicious URL that would steal the access token. The token would then be leaked to a third-party application, potentially allowing the attacker to gain full access to the victim&#8217;s accounts.<\/p>\n<p>The bug hunter reported the vulnerability to Meta on August 27, 2022, and it was acknowledged and fixed on September 25, 2022. Meta awarded the bug hunter a bounty of <strong>$44250<\/strong> for discovering and reporting the critical vulnerability Oculus Account Takeover.<\/p>\n<p>This incident highlights the importance of prioritizing security and performing thorough testing when implementing changes to authentication systems. Meta&#8217;s prompt response and acknowledgement of the vulnerability demonstrate their commitment to protecting user accounts and ensuring the security of their platforms.<\/p>\n<div class=\"x1e56ztr\"><strong><span class=\"x193iq5w xeuugli x1fj9vlw x13faqbe x1vvkbs xt0psk2 xt4736n x1havqas x1f0sm9e x12qp5cl xzsf02u x1yc453h\">&#8211;Meta bug bounty program<\/span><\/strong><\/div>\n<p>&nbsp;<\/p>\n<p><strong>Link to read full write up: <\/strong>https:\/\/ysamm.com\/?p=777<\/p>\n<p><strong>Save the PDF<\/strong>\u00a0<a href=\"https:\/\/secry.me\/explore\/pdf-story\/TAKE%20OVER\/Account%20takeover%20of%20Facebook_Oculus%20accounts%20due%20to%20First-Party%20access_token%20stealing%20%E2%80%93%20Youssef%20Sammouda.pdf\"><em>here<\/em><\/a><\/p>\n<p>&nbsp;<\/p>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\" style=\"left: -10px; top: -10px; width: 0px; height: 0px;\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n<div id=\"urban-overlay\"><\/div>\n\n<div style=\"font-size: 0px; height: 0px; line-height: 0px; margin: 0; padding: 0; clear: both;\"><\/div>","protected":false},"excerpt":{"rendered":"<p>Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover &#8211; A critical security vulnerability was discovered by bug hunter Youssef Sammouda on January 19, 2023, which potentially allowed malicious actors to steal access tokens and gain unauthorized access to Facebook and Oculus accounts. The vulnerability stemmed from [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4611,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[107,136,461,111,106],"tags":[13,117,451,449,447,450,448,166],"class_list":{"0":"post-4603","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-account-takeover","8":"category-bug-bounty","9":"category-meta-bug-bounty","10":"category-open-redirect","11":"category-takeover","12":"tag-bug-bounty","13":"tag-facebook","14":"tag-facebook-bug-bounty","15":"tag-meta","16":"tag-meta-bug-bounty","17":"tag-meta-bug-bounty-program","18":"tag-meta-bug-bounty-write-up","19":"tag-open-redirect"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.4 (Yoast SEO v27.6) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY<\/title>\n<meta name=\"description\" content=\"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY\" \/>\n<meta property=\"og:description\" content=\"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security\" \/>\n<meta property=\"og:url\" content=\"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/\" \/>\n<meta property=\"og:site_name\" content=\"SECRY\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/secry.me\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-20T08:14:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-30T13:58:51+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Christin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/\"},\"author\":{\"name\":\"Christin\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\"},\"headline\":\"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered\",\"datePublished\":\"2024-06-20T08:14:11+00:00\",\"dateModified\":\"2024-06-30T13:58:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/\"},\"wordCount\":305,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/Oculus-Account-Takeover.png\",\"keywords\":[\"Bug Bounty\",\"Facebook\",\"Facebook Bug Bounty\",\"META\",\"Meta Bug Bounty\",\"Meta Bug Bounty Program\",\"Meta Bug Bounty Write Up\",\"Open Redirect\"],\"articleSection\":[\"Account Takeover\",\"Bug Bounty\",\"Meta Bug Bounty\",\"Open Redirect\",\"Takeover\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/\",\"name\":\"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/Oculus-Account-Takeover.png\",\"datePublished\":\"2024-06-20T08:14:11+00:00\",\"dateModified\":\"2024-06-30T13:58:51+00:00\",\"description\":\"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#primaryimage\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/Oculus-Account-Takeover.png\",\"contentUrl\":\"https:\\\/\\\/secry.me\\\/explore\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/Oculus-Account-Takeover.png\",\"width\":1280,\"height\":720,\"caption\":\"Meta Oculus Account Takeover via Open Redirect\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/secry.me\\\/explore\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#website\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"name\":\"SECRY\",\"description\":\"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections\",\"publisher\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\"},\"alternateName\":\"Security Story\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/secry.me\\\/explore\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#organization\",\"name\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\",\"alternateName\":\"SECRY\",\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"contentUrl\":\"https:\\\/\\\/secryweb.sirv.com\\\/WP_secry.me\\\/2022\\\/06\\\/cropped-SECRY.webp\",\"width\":512,\"height\":512,\"caption\":\"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections\"},\"image\":{\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/secry.me\",\"https:\\\/\\\/pinterest.com\\\/secry_me\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/secry.me\\\/explore\\\/#\\\/schema\\\/person\\\/bf08de9f590b8968a1d054728257190f\",\"name\":\"Christin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g\",\"caption\":\"Christin\"},\"description\":\"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.\",\"sameAs\":[\"https:\\\/\\\/secry.me\\\/explore\"],\"url\":\"https:\\\/\\\/secry.me\\\/explore\\\/author\\\/secry\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY","description":"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/","og_locale":"en_US","og_type":"article","og_title":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY","og_description":"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security","og_url":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/","og_site_name":"SECRY","article_publisher":"https:\/\/www.facebook.com\/secry.me","article_published_time":"2024-06-20T08:14:11+00:00","article_modified_time":"2024-06-30T13:58:51+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png","type":"image\/png"}],"author":"Christin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Christin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#article","isPartOf":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/"},"author":{"name":"Christin","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f"},"headline":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered","datePublished":"2024-06-20T08:14:11+00:00","dateModified":"2024-06-30T13:58:51+00:00","mainEntityOfPage":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/"},"wordCount":305,"commentCount":0,"publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"image":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png","keywords":["Bug Bounty","Facebook","Facebook Bug Bounty","META","Meta Bug Bounty","Meta Bug Bounty Program","Meta Bug Bounty Write Up","Open Redirect"],"articleSection":["Account Takeover","Bug Bounty","Meta Bug Bounty","Open Redirect","Takeover"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/","url":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/","name":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered | SECRY","isPartOf":{"@id":"https:\/\/secry.me\/explore\/#website"},"primaryImageOfPage":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#primaryimage"},"image":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png","datePublished":"2024-06-20T08:14:11+00:00","dateModified":"2024-06-30T13:58:51+00:00","description":"Facebook Oculus Account Takeover Due to Access Token Theft by Exploiting Open Redirect Vulnerability Oculus Account Takeover - A critical security","breadcrumb":{"@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#primaryimage","url":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png","contentUrl":"https:\/\/secry.me\/explore\/wp-content\/uploads\/2024\/06\/Oculus-Account-Takeover.png","width":1280,"height":720,"caption":"Meta Oculus Account Takeover via Open Redirect"},{"@type":"BreadcrumbList","@id":"https:\/\/secry.me\/explore\/meta-bug-bounty-oculus-account-takeover-vulnerability-discovered\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/secry.me\/explore\/"},{"@type":"ListItem","position":2,"name":"Meta Bug Bounty: Oculus Account Takeover Vulnerability Discovered"}]},{"@type":"WebSite","@id":"https:\/\/secry.me\/explore\/#website","url":"https:\/\/secry.me\/explore\/","name":"SECRY","description":"#1 Cyber [SEC]urity Sto[RY]  -  News &amp; Bug Bounty Story Collections","publisher":{"@id":"https:\/\/secry.me\/explore\/#organization"},"alternateName":"Security Story","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/secry.me\/explore\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/secry.me\/explore\/#organization","name":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections","alternateName":"SECRY","url":"https:\/\/secry.me\/explore\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/","url":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","contentUrl":"https:\/\/secryweb.sirv.com\/WP_secry.me\/2022\/06\/cropped-SECRY.webp","width":512,"height":512,"caption":"#1 Cyber [SEC]urity Sto[RY] - News & Bug Bounty Story Collections"},"image":{"@id":"https:\/\/secry.me\/explore\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/secry.me","https:\/\/pinterest.com\/secry_me"]},{"@type":"Person","@id":"https:\/\/secry.me\/explore\/#\/schema\/person\/bf08de9f590b8968a1d054728257190f","name":"Christin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/b5497f25505814356d5235813688d08a9e63670586640e4bb29680889eabcc9b?s=96&d=robohash&r=g","caption":"Christin"},"description":"A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.","sameAs":["https:\/\/secry.me\/explore"],"url":"https:\/\/secry.me\/explore\/author\/secry\/"}]}},"_links":{"self":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4603","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/comments?post=4603"}],"version-history":[{"count":13,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4603\/revisions"}],"predecessor-version":[{"id":4663,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/posts\/4603\/revisions\/4663"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media\/4611"}],"wp:attachment":[{"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/media?parent=4603"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/categories?post=4603"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secry.me\/explore\/wp-json\/wp\/v2\/tags?post=4603"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}