Parameter Pollution is a vulnerability that allows you to edit parameters that shouldn’t be edited…

and possibly also change the order of the things


Hii, I’m Andres Alonso, Brazilian 14 years old. Today I am going explain how I accidentally found a critical stored XSS when I was making an Instagram integrated app.

Sometimes I work on my app to make Instagram filters by mobile, to make a functionality of my app I needed to understand how the Spark AR facebook filter creator app generates the filter links to test the filter on the smartphone.

Andres Alonso

15y PT-BR / bug hunter and developer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store