Login
From:
HackerOne
(Uncensored)
subscribe
HackerOne
https://hackerone.com/reports/1130874
links
backlinks
**Summary:** The `users.list` API endpoint is vulnerable to NoSQL injection attacks. It can be used to take over accounts by leaking password reset tokens and 2FA secrets. Taking over an admin...
Roast topics
Find topics
Roast it!
Roast topics
Find topics
Find it!
Roast topics
Find topics
Find it!
