Password Reset

  • I was testing for ATO via reset function . Tried all method but no success. My friend@Tabnexa gave me tip to add double Host in request while requesting password Host: http://site.com Host: http://evilsite.com Boom it worked

  • Password reset poisoning -

PreviousMobileNextWeb Cache

Last updated