Bug found in IRCTC website
Bug found in IRCTC website Personal information of lakhs of passengers could have been leaked 17 year old student saved
Sunil Shukla 
The bug has been noticed on the online ticketing platform of Indian Railway Catering and Tourism Corporation (IRCTC). This bug has been identified by a 17-year-old student studying in a school in Chennai. By identifying the bug, the personal information of millions of railway passengers has been saved from the danger of leaking. As soon as P Ranganathan came to know about the bug, he informed the Computer Emergency Response Team (CERT).
In
fact, this student was booking train tickets by logging into the IRCTC portal a few days ago, during which he noticed some error in the security service which could endanger his privacy.
Ranganathan could see the details of other passengers
When Ranganathan was booking the ticket, he found that he could see the details of other passengers also. In which he could know their name, gender, age, PNR number, train details, departure station and till date of journey. Ranganathan said that because the back-end code is identical, a hacker can order food, change boarding stations and even cancel a passenger's ticket.
Solution to the problem turned out to
Ranganathan on August 30, 202l gave information about the bug IRCTC to CERT. CERT created a 'query' ticket for this within minutes. Ranganathan explains that five days later, the bug was fixed and IRCTC accepted that the bug was there.
