Information disclosure same issue #176002
Low
Vulnerability Details
HI,
Reference :- #176002
People use 2fa to protect his / her account from unwanted access and for getting secure from information leak.
you were displaying the last 4 digits of a user's phone number after login (e.g. "we've send a code to xxx-1234").
Industry standard is to show 2 digits instead of 4 digits.
Kind Regards !
Actions
View on HackerOneReport Stats
- Report ID: 248599
- State: Closed
- Substate: resolved
- Upvotes: 7