Captcha Bypass enable login bruteforce
Unknown
Vulnerability Details
HI
There is captcha bypass, which can lead to login credentials bruteforce attack.
Just remove **&g-recaptcha-response** from request, and the server accepts your request.
Please check the screenshots...
Actions
View on HackerOneReport Stats
- Report ID: 124173
- State: Closed
- Substate: resolved
- Upvotes: 2