Password Reset Link not expiring after changing the email Leads To Account Takeover
Low
N
Nord Security
Submitted None
Team Summary
Official summary from Nord Security
The researcher has identified an issue in our password reset workflow where the password reset URL was not expiring correctly after the user has requested a password change
Actions:
Reported by
dantt
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Authentication - Generic