Summary by Tesla
Authorized drivers could list existing invitations issued for a vehicle they had access to, this information should be restricted to vehicle owners.
Improper Authorization - Second (Additional) Driver can list "add-driver" invitation links
Disclosed by sagarparmar121- Program Tesla
- Disclosed date over 1 year ago
- Points 10
- Priority P3 Bugcrowd's VRT priority rating
- Status Resolved This vulnerability has been accepted and fixed
Summary by sagarparmar121
Can i disclose and create a blog?