Rickrolling the World Cup

A hacker gained full control of FIFA World Cup RTMP ingest URLs through a client-side authorization bypass. The researcher could have replaced live match feeds or shut off broadcasts but chose to report the vulnerability instead. Live scores, player bios, and other data were also accessible.