🔬 ATLAS SECURITY LAB

Lab Vulnerabilities

IDOR on Profile Data
GET /api/profile/[userId] — change userId to enumerate any profile
Open Redirect in OAuth
redirect_uri not validated in /oauth/authorize — leads to token leak
CSRF on Follow/Connect
POST /api/connect — no CSRF token, any page can trigger follow
Stored XSS in Bio
Profile bio field renders innerHTML — <img src=x onerror=alert(1)>
Weak Session Token
li_at cookie: predictable Base64 encoding of user:timestamp
Atlas Security
Security Researcher | Bug Bounty Hunter