Delta site flaw lets passengers access others' boarding passes - Security - News - iTnews.com.au
Online check-in system vulnerability discovered.
A vulnerability in the website of American airline Delta allowed the airline's passengers to view and alter other travellers' boarding passes without their knowledge.
Hackers of New York founder Dani Grant this week revealed what appears to be a direct object reference vulnerability in Delta airline's website that allows passengers of the airline to access others' boarding passes by changing the URL.
The flaw also made it possible to view boarding passes of travellers on other airlines, Grant claimed, and to check in passengers online.