Detailed information
Password reset de mentiqi sehv var. Gonderilen her yeni reset link ozunden evvelkileri invalidasiya etmir ve bu yolla sonsuz sekilde gonderilen linkler hesabina password reset hash-i tapmaq mumkundu (bundan evvel gonderilen captcha bypass ile birlesdirmek mumkundur)
Comments
-
20 October 2016, 15:40
Vulnerability status
Sended e-mail to source about vulnerability -
28 September 2016, 03:58
Added point to Vulnerability
For translate of bug gived 5 point to translator -
28 September 2016, 03:58
Added point to Vulnerability
For translate of bug gived 1 point to translator -
09 September 2016, 13:05
Added point to Vulnerability
Moderator gave 5 point from 10 to vulnerability -
09 September 2016, 12:53
Vulnerability status
Confirmed by Moderator -
08 September 2016, 16:58
Vulnerability added
Vulnerability added to BUGemot