Technology
A security flaw in Grindr let anyone easily hijack user accounts – TechCrunch
Secret tokens used to reset account passwords were leaking to the browser.
Grindr, one of the world’s largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user’s account using only their email address.
Wassime Bouimadaghene, a French security researcher, found the vulnerability and reported the issue to Grindr. When he didn’t hear back, Bouimadaghene shared details of the vulnerability with security expert Troy Hunt to help.
The vulnerability was fixed …
-
Noosa News20 hours agoFatal Traffic Crash, South Bingera
-
General24 hours agoAustralia’s Diamonds defeat South Africa’s Proteas 65-42 in third netball Test
-
General22 hours agoBathurst 1000 quick hits: Chaz Mostert drinks beer with fans, Erebus owner protests, and drama on Mount Panorama
-
Noosa News17 hours agoTrucking company penalised for refusing to pay unfairly sacked worker