Technical Writeups

Reset Password Poisoning Via Host Header Injection Lead to (ATO)OTP/2FA BypassesLack of Authentication on the OTP Endpoint enables an attacker to brute force the Correct OTP
PreviousWeb Vulnerabilities WriteUpsNextReset Password Poisoning Via Host Header Injection Lead to (ATO)