Project information
- Category: Cybersecurity
- Project date: March, 2024
Fizz Social CDN Vulnerability
In March of 2024 during some looking at the API of the app Fizz a new CDN url was discovered. The root url was found to have the XML fully accessible including backup and other folders that could have resulted in a large scale data breach.
This breach was reported to Fizz on March 25th at 4:15pm CDT via email, at 4:37pm CDT a response that they were looking into the matter was received and remediation was confirmed by 5:30pm CST. Please note any identifying information has been removed and certain other information redacted for my own protection.