I was fucking around with telenets end-point and found a IDOR/ race condition vulnerability. It let me add a student discount and i could add it multiple times. Now it actually worked and my bill went from 85eu to 15eu. Will they notice? And could I get into trouble if I report it or should I play dumb and say it must have been an accident?
by Lonelybiscuit07
1 comment
you should post it on a social network site that has tons of IT people on it…