← All Tags
# vulnerability brute-force

1 link tagged with all of: vulnerability + brute-force

Click any tag below to further narrow down your results

+ airline (1) + security (1) + data-exposure (1)

Links

Brute-Forceable Airline Reservation API Left Millions of Passenger Records Vulnerable

A security researcher discovered a vulnerability in Avelo Airlines' reservation API that allowed a brute-force attack to access sensitive passenger information. The flaw stemmed from missing last name verification and lack of rate limiting, enabling attackers to retrieve personal data in just hours.
Saved by tldr-importer · Last saved February 14, 2026 · 5 min read
+ airline + security vulnerability ✓ + data-exposure brute-force ✓