This is a quick write-up about an interesting bug I found on a bounty program which lead to unauthorised access to any account you knew the email of (no password needed!). I believe some other researchers may of overlooked the functionality of the site and some of the requests that