HackerOne Disclosed Reports - 2025-03-18


Critical
resolved

SSRF in Autodesk Rendering leading to account takeover


Bug reported by was disclosed at March 18, 2025, 6:48 pm   |   Server-Side Request Forgery (SSRF)

A server-side request forgery (SSRF) vulnerability was discovered in Autodesk Rendering. The vulnerability could have allowed an attacker to gain control of a victim's account while they were logged in. Autodesk has fixed the vulnerability.


Medium
resolved

Django Debug Mode Enabled - Information Disclosure on api.wwm-dev.autodesk.com


Bug reported by ??? ℜ???? ??? was disclosed at March 18, 2025, 5:58 pm   |   Information Exposure Through Debug Information

The domain api.wwm-dev.autodesk.com was discovered to have Django debug mode enabled, which led to information disclosure. The issue was fixed by Autodesk.



Messages In This Thread
HackerOne disclosed reports - 2025-03-18 - by hashXploiter - 03-19-2025, 07:00 PM


