User registration using public domain email like gmail in place of professional email.
Medium
D
Dropcontact
Submitted None
Team Summary
Official summary from Dropcontact
Like sais in the title, we were only checking and restricting professional email in frontend, which led to being able to register with an email which is not pro because we were not checking this info in the backend.
Actions:
Reported by
cyc0rpion
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Reliance on Untrusted Inputs in a Security Decision