Disavowed an email without any authentication
Severity: Medium
Program: Liberapay
Reported by hunterr0x01
Vulnerability Details
Technical details and impact analysis
Hi team, I hope you are doing well.
While conducting my research I found that there are some URLs that lead to disavowing an account's email without any authentication.
It allows unauthorized users to disavow or dissociate an email address from an account without requiring proper authentication.
Steps to reproduce:
1. Put this command into your terminal:
```shell
waybackurls liberapay.com | grep disavow
```
This command will collect all the URLs related to liberapay.com and search for the specific keyword "disavow".
If you open one of the URLs, you'll disavow an account without proper authorization.
## Impact
Unauthorized Account Access: Attackers can disassociate a legitimate email address from an account, potentially preventing the real owner from accessing their account.
Please let me know if you need more info.
Kind Regards
@sameersec
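A defender-side illustration, added here and not part of the report or of Liberapay's own code, of how an e-mailed "disavow this address" link can be made safe even if it later turns up in a web archive: the link carries a signed, expiring, single-use token, and the disassociation only happens on a POST, so merely opening a URL changes nothing. The host name, endpoint path, parameter names and the in-memory nonce store are assumptions.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlsplit

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret (constructed here)
TOKEN_TTL = 24 * 3600                 # links stop working after a day
_consumed = set()                     # nonces already redeemed (a DB table in practice)


def _sign(account_id, email, nonce, exp):
    msg = f"{account_id}|{email}|{nonce}|{exp}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def make_disavow_link(account_id, email, now=None):
    """Build the link placed in the notification e-mail (hypothetical host/path)."""
    now = time.time() if now is None else now
    nonce = secrets.token_urlsafe(16)
    exp = int(now) + TOKEN_TTL
    query = {"account": account_id, "email": email, "nonce": nonce, "exp": exp,
             "sig": _sign(account_id, email, nonce, exp)}
    return "https://example.invalid/email/disavow?" + urlencode(query)


def handle_disavow(method, url, now=None):
    """Return (http_status, address_was_disavowed). Only a POST with a valid,
    unexpired, unused token disassociates the address; a bare GET (crawler, link
    preview, someone opening an archived URL) gets a confirmation page only."""
    now = time.time() if now is None else now
    if method == "GET":
        return 200, False          # render "Confirm disavow?" form, no side effect
    if method != "POST":
        return 405, False
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    try:
        account, email, nonce = params["account"], params["email"], params["nonce"]
        exp, sig = int(params["exp"]), params["sig"]
    except (KeyError, ValueError):
        return 400, False
    if not hmac.compare_digest(sig, _sign(account, email, nonce, exp)):
        return 403, False          # forged or tampered link
    if now > exp:
        return 410, False          # link outlived its validity window
    if nonce in _consumed:
        return 409, False          # replay: this link was already redeemed once
    _consumed.add(nonce)
    # ...disassociate `email` from `account` in the data store here...
    return 204, True
```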
Report Details
State: Closed
Substate: Informative
Weakness: Improper Access Control - Generic