WRITEUP #3110

thisclosed_#1 - Full Account Takeover of ANY user via Insecure Direct Object Reference (IDOR) on reset password functionality

IDORPassword resetAccount takeover

by@indevi0us(Samuele Gugliotta)

Program

Published

Jan 4, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.hckrt.com/blog/thisclosed_1/

▸ RELATED WRITEUPS

Built with ❤️ by Shubham Rawat