Panel access at https://news-push-88.op-mobile.opera.com/.

Disclosed by rahul0x01
  • Program: Opera Public Bug Bounty
  • Disclosed date: over 1 year ago
  • Points: 10
  • Priority: P3 (Bugcrowd's VRT priority rating)
  • Status: Resolved (this vulnerability has been accepted and fixed)
Summary by rahul0x01

Hello team,
My name is Rahul Sirvi, a security researcher from India 🇮🇳.

Summary: After performing my RECON on opera.com, I found a few panels, one of which I was able to access.

The panels were:
https://subdomain01.opera.com/login?redirect=%252F
https://subdomain02.opera.com/admin/
https://vulnerablesubdomain.opera.com/site/login
https://subdomain03.opera.software/pwm/

Steps to reproduce:

  1. Go to "https://vulnerablesubdomain.opera.com/site/login". A login page appears.
  2. Pluck /site/login and add /admin.
  3. Got into the panel without any authorization <3

Thanks,
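
The steps above describe a login page at /site/login while the /admin path answers without any session, which is a missing authorization check on the panel route. As an added example (not part of the original report and not Opera's code), this hypothetical Python WSGI app shows the unguarded route next to a deny-by-default wrapper; the cookie name `sid`, the session store and all function names are assumptions.

```python
# Added example: hypothetical WSGI app, not code from the report or from Opera.
PUBLIC_PATHS = {"/site/login"}               # explicit allow-list of unauthenticated paths
VALID_SESSIONS = {"constructed-session-id"}  # constructed sample session store


def panel_app(environ, start_response):
    """Inner app: serves the login page and the admin panel with no checks of its own."""
    path = environ.get("PATH_INFO", "/").rstrip("/")
    if path in ("/site/login", "/admin"):
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [("page for " + path).encode()]
    start_response("404 Not Found", [("Content-Type", "text/plain")])
    return [b"not found"]


def session_id(environ):
    """Return the value of the 'sid' cookie, or None when it is absent."""
    for part in environ.get("HTTP_COOKIE", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "sid":
            return value
    return None


def require_login(app):
    """Deny by default: every path outside PUBLIC_PATHS needs a valid session."""
    def guarded(environ, start_response):
        path = environ.get("PATH_INFO", "/").rstrip("/") or "/"
        if path not in PUBLIC_PATHS and session_id(environ) not in VALID_SESSIONS:
            # Unknown or unauthenticated caller: send to the login page instead.
            start_response("302 Found", [("Location", "/site/login")])
            return [b""]
        return app(environ, start_response)
    return guarded


def status_for(app, path, cookie=None):
    """Drive a WSGI app with one GET request and return its status line."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path}
    if cookie:
        environ["HTTP_COOKIE"] = cookie
    seen = []
    app(environ, lambda status, headers: seen.append(status))
    return seen[0]
```

Because the wrapper lists what is public rather than what is protected, a route added later is closed until someone deliberately opens it.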
