Exif Geolocation Data Not Stripped From Uploaded Images | Bug Bounty PoC

Save
2 years ago
44
Exif Geolocation Data Not Stripped From Uploaded Images EXIF metadata not stripped from JPG group logo Exif Geolocation Exif Geolocation Data Not Stripped Exif Geolocation vulnerability Exif Geolocation vulnerabiliti exif geolocation data exif geolocation metadata exif data bug exif data exploit Information leakage in EXIF data of images

Exif Geolocation Data Not Stripped From Uploaded Images - Rahad Chowdhury

Hello guyes!
Today video topic is all about Exif Geolocation Data Not Stripped From Uploaded Images vulnerability.
When a user uploads an image in example.com, the uploaded image’s EXIF Geolocation Data does not gets stripped. As a result, anyone can get sensitive information of example.com users like their Geolocation, their Device information like Device Name, Version, Software & Software version used etc.

Security Impact:
In Bugcrowd, This Issue is considered as P3 and P4.
P3 : When the profile picture or file shared is publically available.
P4 : When the profile picture is only saw by You.

If You face any Problem You can Contact with Me
..............................................................................................................
Contact:::
..............................................................................................................
Facebook:
https://www.facebook.com/rahadchowdhury55
..............................................................................................................
Web: https://rahadchowdhury.info
Read Blog:
https://rahadchowdhury.info/blog/
...............................................................................................................
Linkedin:
https://www.linkedin.com/in/rahadchowdhury
..............................................................................................................
Twitter: https://twitter.com/hinad5
..............................................................................................................
Skype: rahad.chowdhury2
..............................................................................................................

#ExifGeolocation
#EXIFMetadata
#ExifGeolocationData
Exif Geolocation Data Not Stripped From Uploaded Images
EXIF metadata not stripped from JPG group logo
Exif Geolocation
exif geolocation data not stripped
Exif Geolocation vulnerability
Exif Geolocation vulnerabiliti
exif geolocation data
exif geolocation metadata
Exif Geolocation Data Not Stripped
exif data bug
exif data exploit
Information leakage in EXIF data of images
EXIF geolocation data were not removed from images
EXIF metadata stripped
exif data viewer
exif
metadata
exif data
uploaded image's EXIF Geolocation Data
Geolocation Data On Uploaded Images
exif data vulnerability
sample image with exif gps data
exif photo location
exif geolocation online
exif geolocation metadata
what is exif metadata
exif location information
exif data
exif data viewer
exif image
exif image description tag
exif metadata information
original exif metadata information
exif metadata location

Loading comments...