EddiesTech / eccomments

Comments using utterances for pages on my website, eddiecoldrick.com

profile-pictures-vulnerability #2

Open utterances-bot opened 3 months ago

utterances-bot commented 3 months ago

Profile Pictures Vulnerability — Eddie Coldrick

Here's a write-up of a security vulnerability that I found and reported to a company regarding profile pictures.

https://eddiecoldrick.com/profile-pictures-vulnerability

tiagorangel2011 commented 3 months ago

Pretty interesting post. I agree that normally incremental user IDs are not the best idea. Normally I like to use random UUIDs to prevent problems like this; they're pretty easy to work with.