Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

Broken Authendication And Session Management

R
Reddit
Submitted None
Actions:
View on HackerOne
Reported by kedibeauty

Vulnerability Details

Technical details and impact analysis

Improper Access Control - Generic
## Summary: Broken Authendication And Session Management On reddit.com Here I'm Using 2 Browsers 1.Chrome (victim Browser) 2.Firefox(attacker browser) ## Steps To Reproduce: 1. Login your Account (Chrome Browser) 2. Copy Cookies 3. Paste it in firefox Browser and reload 4. you login without username and password ## Supporting Material/References: * broken auth POC.mkv ## Impact An attacker can access victim account without entering username and password

Report Details

Additional information and metadata

State

Closed

Substate

Not-Applicable

Submitted

Weakness

Improper Access Control - Generic