Failed to validate Session after Password Change.

Disclosed by
cyber_ritik's avatar
cyber_ritik
  • Engagement Undisclosed
  • Disclosed date over 2 years ago
  • Priority P4 Bugcrowd's VRT priority rating
  • Status Informational This vulnerability is seen as an accepted business risk
Summary by cyber_ritik

Can we disclose ?

Activity
  1. Akitsugu_Ito’s avatar
    Akitsugu_Ito Customer published the disclosure report

    ()

  2. cyber_ritik’s avatar
    cyber_ritik requested disclosure

    ()

  3. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd sent a message

    ()

  4. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd marked the submission a duplicate of a previously submitted report

    ()

  5. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd changed the state to Informational

    ()

  6. soheesec_bugcrowd’s avatarbugcrowd logo
    soheesec_bugcrowd updated VRT to Broken Authentication and Session Management > Failure to Invalidate Session > On Password Reset and/or Change

    ()

  7. cyber_ritik’s avatar
    cyber_ritik created the submission

    ()