Vulnerability Summary
HackerOne disclosed report --> https://hackerone.com/reports/3020021 by adilnbabras
Hi, team. During testing, I discovered that only privileged users or translation owners can unapprove an approved translation, but due to logical errors, any logged-in user can unapprove any approved translation.
Go to https://mozilla-pontoon-staging.herokuapp.com/ and log in to your account.
Click on Teams and select any team from the menu.
No comments yet.
Be the first to share your thoughts
Log in to join the discussion.
Sign In