BugBountyHunter
  • Home
  • About
Sign in Subscribe
Ghost

Ghost

You can delete this user to remove all the welcome posts
The Internet
https://ghost.org
How re-signing up for an account lead to account takeover
bugbounty

How re-signing up for an account lead to account takeover

This is a quick write-up about an interesting bug I found on a bounty program which lead to unauthorised access to any account you knew the email of (no password needed!). I believe some other researchers may of overlooked the functionality of the site and some of the requests that
Feb 15, 2022 3 min read
Page 1 of 1
BugBountyHunter © 2023
  • Contact
Powered by Ghost