How I found a bug in YouTube that let me watch private videos I wasn’t allowed to, says compsci student

Until early last year, Google’s YouTube had a security flaw that made private videos visible at reduced resolution, though not audible, to anyone who knew or guessed the video identifier and possessed the technical knowledge to take advantage of the snafu. The bug was fixed in January 2020, after it was identified in December, 2019, by David Schütz, a computer science student at the University of Szeged in Hungary, and reported to Google through the company’s Vulnerability Rewards Program (VRP).

Read full article on The Register