Instagram Android App Security Vulnerabilities (EN)

Published in:

Bugtraq mailing list

 

Excerpt:

After the Instagram iOS vulnerability discovered last year, the app’s HTTP API has been extended with a cryptographic authentication for changes like “likes” and deletes. However, the implementation of this authentication is flawed in two ways, making it possible to “like” or delete pictures in the name of another user, once his credentials have been sniffed over plain-text HTTP…

More information

Um unsere Webseite für Sie optimal zu gestalten und fortlaufend verbessern zu können, verwenden wir Cookies. Durch die weitere Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu.