Password token validation in Weblate Bypass
None
W
Weblate
Submitted None
Actions:
Reported by
footstep
Vulnerability Details
Technical details and impact analysis
Hi,
This is a bypass of the fix on #229987. I could confirm that old link still works. Though you would need to use 2 browsers to pull this off
##Reproduction Steps
1. In Browser1, request a password reset
- Load link sent to your email in the same browser
- Request another password reset in Browser2
- Load link sent to your email in the same browser
- Change the password on Browser2
- Successful :D
- Change the password on Browser1
- Success :D
- Now login in any of the password with the last password.
Shuaib.
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Authentication - Generic