Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

Business logic error

Low
U
UPchieve
Submitted None
Actions:
View on HackerOne
Reported by scianto05

Vulnerability Details

Technical details and impact analysis

Business Logic Errors
Hi UPCHIEVE SECURITY TEAM I'm Anto Vulnerability : Business logic error There is no password verification while changing a password. Steps to Reproduce : 1). Go to (https://hackers.upchieve.org/resetpassword). 2). Click the change password. 3). If your old password was ex: hacker and in new password enter the same password ex: hacker. 4). The password will be updated. There is no password check mechanism on there. Fix it by making an alert " Your new password must be different" ## Impact Business logic error Please let me know if this can be fixed :) Regards, Anto

Report Details

Additional information and metadata

State

Closed

Substate

Not-Applicable

Submitted

Weakness

Business Logic Errors