bypass two-factor authentication.
Medium
L
LinkedIn
Submitted None
Team Summary
Official summary from LinkedIn
The researcher found a way to bypass two-factor authentication using the merge-accounts feature, which allowed to log in the victim account without any 2 FA control, provided the credential of victim is known. The issue was resolved.
Actions:
Reported by
spaceboy20
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Authentication - Generic