Friday 27 January 2023, Poradnik bezpieczeństwa

A vulnerability that allowed you to download any CV from Linkedin


Some time ago, the portal shared information about a very harmful but simple vulnerability on Linkedin.

Namely, it was possible to download each user's CV without logging in, without authorization or any unnecessary steps. It was enough to enter a specific address, e.g. "" and successively enter random numbers to display more CVs of users.

The vulnerability was patched and a bounty of $5,000 was paid for finding it.