This SIMPLE vulnerability in Shopify earned a $2500 bug bounty
Don’t forget to check for user access rights
Published in
3 min readAug 1, 2022
Summary
One of the most common vulnerabilities occur when a user is able to access something to which they are should not have access. If a malicious actor exploits this vulnerability and accesses confidential information of others, this can cause a leak of sensitive data. This is a form of vulnerability called information disclosure, and it can take many forms.