Critical · CVSS 9.8 · Improper Access Control - Generic (CWE-284)
Unauthenticated OAuth Token Leading to Access to Protected APIs
Vulnerability Summary
What started as a simple JavaScript analysis ended in a broken OAuth flow that allowed unauthenticated access to protected APIs — and a €1500 bug bounty reward.
Related Writeups
- Can download files on Android app without permission (HackerOne disclosed report by hakuna): https://hackerone.com/reports/2380133
- Easy way to create a new Deck board without permission (HackerOne disclosed report by hakuna): https://hackerone.com/reports/2388183
- 2FA requirement bypass when inviting team members (HackerOne disclosed report by 0x7ashish): https://hackerone.com/reports/3356149