flaw allows full account takeover

Salt Labs researchers identified vulnerabilities which could have enabled attackers to take over users’ accounts

Mar 3, 2023

Flaws in the authorization system of the website could have allowed attackers to take over user accounts and gain full visibility into their personal or payment-card data, as well as log in to accounts on the website's sister platform,, researchers have found.

Salt Security disclosed the issues to, which researchers lauded for responding quickly to address and completely mitigate them. Moreover, there had been no evidence of compromise to the platform before the issues were resolved, said in a statement provided by Salt Security.

Get the full story at Salt

Related must-reads


Get our Daily Brief in your inbox

Consumers are changing the face of hospitality - from online shopping to personalized guest journeys and digitalized guest experiences ...
we've got you covered.

By submitting this form, you agree to receive email communication from and its partners.