A little bit about Rate Limit:
A rate limiting algorithm is used to check if the user session (or IP-address) has to be limited based on the information in the session cache.
In case a client made too many requests within a given time frame, HTTP-Servers can respond with status code 429: Too Many Requests

Steps To Reproduce The Issue

Step 1- Go To This Link

Enter Email Click On Forget Password

Step 2- Intercept This Request In Burp And Forward Till You Found YOur Number In Request Like (“email”:your email here”)

POST /api/v1/users/password/remind HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64…

Prava Basnet, Nepali bug bounty hunter has been awarded $3,000 after discovering bugs on Facebook. The bugs (security vulnerability) were related to Facebook and Instagram.

In fact, she discovered 2 bugs on the platform.

Let’s first get to know what these bugs were.

One of the bugs that she reported was the photo uploaded to Instagram’s story was also shared on Facebook. The social media giant has fixed this bug and awarded Prava with a thousand dollar bug bounty.

Basically, this flaw would share an Instagram story to Facebook without the user’s consent.

Another bug was related to the linked…


Bug Bounty Hunter

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store