Email Spoofing

Disclosed: 2017-02-14 17:38:08 By dhamu007 To portswigger
Low
Vulnerability Details
There is an Email Spoofing Vulnerability. Steps to reproduce: 1) Go to http://emkei.cz/ 2) Fill "From Email" field to [email protected] or any other portswigger email. 3) Fill the victim's address (your address) to "TO" field and fill in other details as you wish. You will receive email from portswigger.net admin. Reference: https://hackerone.com/reports/575 Note: If you don't find it in your inbox, see spam folder. If the victim is using Gmail account it might be in spam folder. In other mailing service like yahoo it is directly received in inbox.
Actions
View on HackerOne
Report Stats
  • Report ID: 206359
  • State: Closed
  • Substate: not-applicable
  • Upvotes: 3
Share this report