Vulnerability in United Airlines Website

Earlier this year we reported about security measures taken by United Airlines that they’ll give you up to a million miles to find a Security Bug in their system. An Indian researcher Rahul Mohanraj who read about the United Airlines’ bug bounty program was perhaps excited to travel those million miles so he started working on it!

According to Mohanraj, when he went through the airline’s website, he found out that it was vulnerable to ClickJacking by which one can add email ID to any existing United Airlines Account. At first, he thought to report it to the airlines but decided not to because according to him it was not a big bug to be reported.

Rahul Mohanraj, an Indian security researcher / Image Source: Facebook

However, he kept trying to look for bigger security flaw and found that the process of changing the secondary email to primary did not have (Cross-Site Request Forgery) CSRF token. This is the time when hacker decided to report the bug to the airline. In an email response, United hacker-earns-50000-free-airmiles-after-finding-flaw-in-united-airlines-siteAirlines said that ClickJacking issue was already reported by someone, but the CSRF problem was never reported before by anyone, according to the blog post.


Now, when the bug is fixed, United Airlines has awarded the bug reporter “50,000 miles”.

CSRF (Cross-Site Request Forgery) is an attack which takes place when the malicious website, email or a message makes the Web browser perform an unwanted action on trusted site for which the user is authenticated via OWASP.

By Uzair Amir on December 19, 2015

Full article:

Source: Hacker Earns 50k Miles by Exposing Vulnerability in United Airlines Website

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.