Disclaimer: This story is just to give you an idea how misconfigured social login can be exploited.
Hello cruel world,
This is a story of an innocent girl Derpina Victims, whose BookMyShow account got hacked because she just wanted to know “when will she die” from a viral stupid Facebook app.
Derpina got to know about this “cool” Facebook app that tells when will she die. All her friends were posting their results so she tried it as well. …
In Sept. 2013 I found Reflected XSS in www.ebay.com. Why writing it up now? Because I didn’t want to “showoff” for reasons. Enough with the drama :D. Let’s get to the point.
So I was looking at all the names in Hall of fame of different sites. On Ebay’s Security Researcher page, I thought the list is long but I want my name in the list.