UStrive, an online mentoring platform for students, exposed personal data of at least 238,000 users through a vulnerable GraphQL endpoint. The security flaw allowed any logged-in user to access full names, email addresses, phone numbers, dates of birth, and other private information by examining network traffic. The nonprofit

3m read timeFrom techcrunch.com
Post cover image

Sort: