Forgot Password Issue
Unknown
Vulnerability Details
Hi,
The application authenticates user before the password is changed by the user.
POC:
1. User attempts password reset
2. User gets verification link
3. User access link and gets authenticated automatically before performing any password change
Actions
View on HackerOneReport Stats
- Report ID: 23363
- State: Closed
- Substate: resolved
- Upvotes: 4