[help.steampowered.com] Account takeover bruteforcing SteamGuard
High
V
Valve
Submitted None
Team Summary
Official summary from Valve
Due to a missing protection on a support endpoint, email verification codes could be bruteforced - leading to possible account takeover. The endpoint issue has been corrected.
Actions:
Reported by
natetheriver
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$2500.00
Submitted
Weakness
Business Logic Errors