RCE due to Dependency Confusion — $5000 bounty!
Hey everyone! I’m back with another cool write-up about a bug bounty report I submitted to a private program on HackerOne. Guess what? I got a $5,000 reward and they took care of it in just 30 minutes!
I won’t go into the nitty-gritty of dependency confusion since there are plenty of awesome write-ups out there that cover it.