WRITEUP #3565
You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures
CSRFPassword resetHost header injectionAccount takeover
by@innotommy(Tommaso Innocenti)
Program
-
Published
Jul 26, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://innotommy.com/You’ve%20Got%20%28a%20Reset%29%20Mail.pdf