Session issue in Coinbase Worth 1000$

Session issue in Coinbase – Bug Bounty POC

Hello Bug Bounty POC viewers,This is Hisham Mir and today i will share how i found Session issue in Coinbase,This vulnerability only worked in Coinbase Android app.so Let’s start it

Coinbase is a bitcoin wallet and platform where merchants and consumers can transact with the new digital currency bitcoin.

Steps to Reproduce : 
1. Login in your coinbase Wallet via Android Application and go to manage account.
2. now Login in your Coin Base Wallet Via Pc
3. Now open security setting from pc and remove all device from authorized apps
4. after removing all authorized apps from pc your android session will still validate there and you can still manage the setting from android app

After bug was publicaly disclosed on hackerone.The Ceo of Hackerone personally messaged me on facebook and congrats me well as Hackerone team congrats me on twitter as well.

Message of Hackerone CEO :

Screenshot_1

Hackerone Team Tweet :

You may also like...

5 Responses

  1. Paulos says:

    Great and lucky catch 😉

  2. Tamra says:

    extremely informative info, thanks you, +4 for information

  3. Hello. splendid job. I did not anticipate this. This is a remarkable story. Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *