Back to directory

WRITEUP #3845

Unauthenticated Account Takeover Through Forget Password

Auth BypassPassword resetAccount takeoverInformation disclosure

by@niksthehacker(Nikhil (niks))

Program

-

Published

Apr 12, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://infosecwriteups.com/unauthenticated-account-takeover-through-forget-password-c120b4c1141d

▸ RELATED WRITEUPS

Breaking the Barrier: Admin Panel Takeover Worth $3500

Auth BypassAuthentication bypass

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

Forced SSO Session Fixation

Built with ❤️ by Shubham Rawat