Disclosure of Merchant_id into the source code without entered OTP code leads to Victims MID takeover.

Disclosed: 2021-03-08 15:11:01 By basant0x01 To kartpay

Critical

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 1082288
State: Closed
Substate: resolved
Upvotes: 16

Share this report