SAEED
Sep 22, 2021


Nice, but how did the actual password reset work?

According to you, if you set your firstname or lastname as the attacker's site, like http://evil.com, you get the reset link like http://evil.com?token=xxx

So if you use your actual name, like mayank, you will get the reset link like

mayank?token=xxx

which does not make any sense.


Written by SAEED

Application Security Researcher | Developer
