Unsecure changing password
None
Vulnerability Details
I would like to report about changing the password. When you change the password it didn't require the current password. The scenario here is when you forgot to logout your account when you login on other device it is easy to takeover the account by changing the password of it.
## Impact
Easy to takeover any account
Actions
View on HackerOneReport Stats
- Report ID: 361106
- State: Closed
- Substate: not-applicable
- Upvotes: 3