Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

User can pay using archived price by manipulating the request sent to `POST /v1/payment_pages/for_plink` - 749

Gregxsunday - HackerOne - Posted 4 Years Ago
  • Stripe is an application for online payments. This researcher noticed that archived prices could be used on a payment link. As a result, an attacker could use a different price than the current one on a payment.
  • This was due to a lack of validation on the payment link and on the price being active. It appears that the price itself was validated, but not whether it was still turned on. Good find!