Submitter : c2a
Date: 18 September 2023
Bounty : undisclosed
Vulnerabilities :
- Account Takeover
- Android
- Hardcoded Credentials
- Weak Crypto
- Authentication Bypass
- Client-Side Enforcement of Server-Side Security
Programs :
Authors :
Link : https://www.vaadata.com/blog/insecure-authentication-tokens-leading-to-account-takeover/