Pinterest fixed an issue in the API of its web app that could have allowed remote attackers to compromise emails and carry out session hijacking and phishing attacks. The bug is one of 47 identified since Pinterest formalized its bug bounty program with Bugcrowd in May 2014. The photo sharing app allows users to share pins and maintain pinboards Pinterest has since upped the ante for its bug bounties to find bugs in its developer site, API, iOS and Android mobile applications.
Source: https://threatpost.com/pinterest-fixes-validation-vulnerability-in-api/113581/