Over 5 months: Payment bypass marked OOS, moved to VDP, and downgraded to Medium.
Hi everyone. I want to share a frustrating timeline and get your thoughts. I found a server-side price manipulation. I could intercept a request and change a payment fee to exactly 1 EUR, getting a valid payment session. I also chained it with an open redirect. I provided a video PoC and HTTP logs.
ORIGINAL SOURCE →via Reddit r/cybersecurity
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Conti, Akira ransomware affiliate given 8-year sentence
- [CYBER] Somali terror groups could tighten Hormuz chokehold through Bab-el-Mandeb piracy, experts say
- [CYBER] 'Phishing campaigns continue to improve sophistication and refinement': Microsoft flags major 'sophisticated' phishing campaign targeting 35,000 users across 26 countries
- [CYBER] Russia to expand ‘cyber squads’ in schools and universities to monitor online content
- [CYBER] An exploitable integer overflow in Lix (CVE-2026-44028)
- [CYBER] Latvian national sentenced for ransomware attacks run by former Conti leaders