LinkedIn Vulnerable to User Account Delete using Click jacking, found by Asish
This Vulnerability is accepted by LinkedIn they are in a process to patched it but not yet patched. The hack use the Linkedin account deletion page itself.
Vulnerability Type: ClickJacking
Found By: Asish
Alert Level: Critical
Default Account Closing page provided by Linkedin:This exploit use the default Account Closing page.
User can close his account from LinkedIn by visiting the following page
Once he click continue user have to click on verify account to close
And Final Step
Once user submit the right answer his account will be removed from LinkedIn
Are you curious to play this Game?
The document is available here(Password: 8nj98F4h9AW)