This bug is categorised as IDOR. We all share Instagram reels with our friend via DM. Did you every try "Copy link" and share on mediums like WhatsApp or any similar apps ? When you do that, the generated Link would be of the below URL https://www.instagram.com/reels/<REEL_ID>?igsh=<Encrypted> The igsh in the Query params of URL is an encrypted string, that would get decrypted on the Instagram servers to the User's Profile ID. On clicking on the link, it would open the Instagram App and plays the reel and then an interruption will be by a popup like the below screenshot The Attack... Crafting the URL ... If you replace the <Reel_ID> (What the user intended to share) with a <Granphically_Sensitive_Content_REEL_ID> in the link and send it to users, when ever any user opens the link. It would show graphically sensitive content and then a Popup of the victim's profile. Though they didn't intend to share it. Report timeline...
Yaswanth Mangalagiri
Welcome to my Universe ! I'm a Software Engineer, strive to exploit security flaws only on Tech giants, though most of the time my attacks go into the graveyard ๐. Music ๐ธ | Bug Bounty๐๐ค