[Venmo Android] Remote theft of user session
State: Resolved (Closed)
Disclosed publicly: 2019-02-07T23:05:45.457Z
Reported To: PayPal
Weakness: none
Bounty: $10,000

Summary by bagipro

A URL activity in the Venmo application used the built-in android.net.Uri parser, which has a known logic problem with certain characters. If an external URL were passed from a website or other app on the device to the application activity, the app would open the URL without properly validating the destination. This could expose some session data to a third party.
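The defensive counterpart to the problem described above, as an added example that is not the report's, Venmo's or PayPal's code: a strict destination check an activity can run on an externally supplied URL before opening it. It uses java.net.URI, which refuses malformed input where android.net.Uri.parse accepts almost anything, and checks the parsed host against an exact allow-list. The class name SafeDestination, the validate method, the ALLOWED_HOSTS list and every host name in it are hypothetical placeholders.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/**
 * Strict destination check for a URL that reaches an activity from an
 * external source (a web page, another app, an intent extra). Added example,
 * not the app's own code. The allow-list entries are constructed placeholders.
 */
public final class SafeDestination {

    // Hypothetical allow-list: hosts the activity is permitted to open in-app.
    private static final Set<String> ALLOWED_HOSTS = new HashSet<>(
            Arrays.asList("example.com", "www.example.com"));

    private SafeDestination() {}

    /**
     * Returns a normalized URL string that is safe to hand to the opening
     * logic, or null if the input must be refused.
     */
    public static String validate(String raw) {
        if (raw == null || raw.isEmpty() || raw.length() > 2048) {
            return null;
        }
        final URI uri;
        try {
            // java.net.URI follows the RFC grammar and throws on illegal
            // characters (backslash, whitespace, control characters), whereas
            // android.net.Uri.parse accepts nearly any string without error.
            uri = new URI(raw);
        } catch (URISyntaxException e) {
            return null;
        }
        // Hierarchical, absolute https only.
        if (uri.isOpaque() || uri.getScheme() == null
                || !"https".equals(uri.getScheme().toLowerCase(Locale.ROOT))) {
            return null;
        }
        // Require a properly parsed host (a registry-based or missing
        // authority yields null) and refuse any userinfo before the host.
        String host = uri.getHost();
        if (host == null || uri.getUserInfo() != null) {
            return null;
        }
        // Default port only.
        if (uri.getPort() != -1 && uri.getPort() != 443) {
            return null;
        }
        // Exact, case-insensitive match against the allow-list; deliberately
        // no suffix or substring matching.
        String normalizedHost = host.toLowerCase(Locale.ROOT);
        if (normalizedHost.endsWith(".")) {
            normalizedHost = normalizedHost.substring(0, normalizedHost.length() - 1);
        }
        if (!ALLOWED_HOSTS.contains(normalizedHost)) {
            return null;
        }
        // Hand back the canonical form so every later parser sees the same
        // string this check saw, never the raw input.
        return uri.normalize().toASCIIString();
    }

    public static void main(String[] args) {
        // Constructed sample inputs in the shape an external intent could deliver.
        String[] samples = {
            "https://www.example.com/account?tab=settings",
            "http://www.example.com/",            // plain http
            "https://www.example.net/",           // host not on the allow-list
            "https://www.example.com:8443/",      // non-default port
            "https://www.example.com/pa th",      // illegal character; parse fails
            "mailto:help@example.com",            // not a hierarchical https URL
        };
        for (String s : samples) {
            String result = validate(s);
            System.out.println((result == null ? "REJECT  " : "ALLOW   ") + s);
        }
    }
}
```

The point of returning the normalized string rather than the original is that the activity's later steps (including any android.net.Uri.parse call) then operate on exactly the text that was validated, so a disagreement between the two parsers over the raw input cannot change the destination after the check has passed.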

Timeline

bagipro submitted a report to PayPal.
2018-08-28T22:15:18.850Z

Regards,
Frans

lollipup Activities::ReportSeverityUpdated
2018-08-31T13:33:53.968Z

lollipup Activities::BugTriaged
2018-08-31T13:35:24.771Z

space_pp Activities::Comment
2018-08-31T17:38:15.585Z

Activities::BountyAwarded
2018-08-31T17:53:17.760Z

bagipro Activities::Comment
2018-08-31T17:53:18.836Z

bagipro Activities::Comment
2018-08-31T17:53:40.243Z

greentea Activities::ReassignedToTeam
2018-11-15T20:21:58.571Z

bagipro Activities::Comment
2018-11-16T06:54:11.358Z

greentea Activities::ReassignedToTeam
2018-11-16T15:13:02.406Z

space_pp Activities::BugResolved
2018-11-27T19:39:33.638Z

bagipro Activities::Comment
2018-11-27T19:44:28.415Z

bagipro Activities::AgreedOnGoingPublic
2019-01-12T20:59:37.899Z

space_pp Activities::AgreedOnGoingPublic
2019-02-07T23:05:45.317Z

space_pp Activities::ReportBecamePublic
2019-02-07T23:05:45.486Z