Hadi Zeinaldeen

Published On: 15 May 2019

Crashing web/mobile clients by bypassing comment character limit

Rate Limits
Linkedin | Web
---
UNDEFINED VALID
Description

Intercepting the request and adding a huge amount of text to it and then forwarding it will bypass the character count limit, causing client devices to crash while trying to load the comment.

Impact

By placing a really large comment on someone's post (potentially even big accounts like the official linkedin account followed by millions of users), an attacker can disable access to this post, and any news-feed this post appears in.




Reproduction Steps

Step
1

Find a victim post and post a regular comment on it

Show Image

Step
2

Intercept the POST request

Show Image

Step
3

Edit the request "newCommentText":{"values":[{"value":"my comment"}]} and place a really large text in place of the comment value, then forward the request.

Show Image

Timeline
.
Hadi 26 Mar 2019

Initial Report

.
Linkedin 26 Mar 2019

Begin investigation Thank you for your report. We will investigate it and get a response back to you when we have completed our analysis.

.
Linkedin 27 Mar 2019

Issue Confirmation We have confirmed the issue and are working towards a fix. We will be in touch as soon as we have any updates.

.
Linkedin 13 Apr 2019

Issue Fix We have confirmed that this issue has been resolved. Feel free to retest and let us know if your results vary. Thanks again for reporting this is ... See More

.
Hadi 13 Apr 2019

Fix Confirmation

VALID






Show All Images