A vulnerable password reset API made it possible to take over any account and gain admin-level access to the platform. In addition, broken/missing access controls made it possible to access all data on the platform.| eaton-works.com
Breaking into a Toyota CRM and exploiting it to view customer information.| eaton-works.com