writeups.xyz / Mail Server Misconfiguration leads to sending a fax from anyone’s account on HelloFax (Dropbox BBP) for a bounty of $4,913

Submitter : c2a

Date: 25 July 2022

Bounty : 4,913

Vulnerabilities :

• Email Spoofing

Programs :

• Dropbox

Authors :

• Sayaan Alam (@Ehsayaan)

Link :
https://infosecwriteups.com/mail-server-misconfiguration-leads-to-sending-a-fax-from-anyones-account-on-hellofax-dropbox-bbp-aab3d97ab4e7