Delta site flaw lets passengers access others' boarding passes

Status
Not open for further replies.
Flashback

Flashback

Enthusiast
Joined
Oct 29, 2006
Posts
12,560
Delta site flaw lets passengers access others' boarding passes - Security - News - iTnews.com.au

Online check-in system vulnerability discovered.

A vulnerability in the website of American airline Delta allowed the airline's passengers to view and alter other travellers' boarding passes without their knowledge.


Hackers of New York founder Dani Grant this week revealed what appears to be a direct object reference vulnerability in Delta airline's website that allows passengers of the airline to access others' boarding passes by changing the URL.


The flaw also made it possible to view boarding passes of travellers on other airlines, Grant claimed, and to check in passengers online.
Click to expand...
 
Struggling to Redeem Your Frequent Flyer Points?
The Frequent Flyer Concierge team takes the hard work out of finding reward seat availability. Using their expert knowledge and specialised tools, they'll help you book a great trip that maximises the value for your points.

AFF Supporters can remove this and all advertisements

How do they access boarding passes for passengers of other airlines?
 
JohnK said:
How do they access boarding passes for passengers of other airlines?
Click to expand...

Either a velnerability with Sabre (AA and DL both use Sabre) or maybe something to do with code shares? From what I read in another article it was a pretty primitive but obvious hole. Maybe so obvious that it escaped attention?
 
Status
Not open for further replies.

Enhance your AFF viewing experience!!

From just $6 we'll remove all advertisements so that you can enjoy a cleaner and uninterupted viewing experience.

And you'll be supporting us so that we can continue to provide this valuable resource :)


Sample AFF with no advertisements? More..

Recent Posts

Currently Active Users

... and 48 more.
Total: 904 (members: 98, guests: 806)
Back
Top