writeups.xyz / User's email disclosure via invalid password reset link [$250]

Submitter : c2a

Date: 13 March 2020

Bounty : 250

Vulnerabilities :

• Password Reset
• Information Disclosure

Programs :

• Undisclosed

Authors :

• Myo Min Thu (@Myominthu1337)

Link :
https://web.archive.org/web/20200511115634/https://medium.com/@godofdarkness.msf/users-email-disclosure-via-invalid-password-reset-link-250-c431ed46680e