Summary by Dropbox
This report demonstrated a way to bypass 2FA. A fix for the issue has been released and it was applied for existing users through an automatic update.
Bypass 2fa ->Dropbox Sign,Dropbox Form ,Dropbox Fax . Using Google as login
Disclosed by mchmatt-- Engagement Dropbox
- Disclosed date over 2 years ago
- Points 10
- Priority P3 Bugcrowd's VRT priority rating
- Status Resolved This vulnerability has been accepted and fixed
Summary by mchmatt-
I want to show limited details, do not display my password or the email I used for testing.