Password reset link not expired in answerdev/answer

Valid

Reported on

Mar 21st 2023


Hi team, I hope you are well today.

This is the step: Reset your password with this link https://meta.answer.dev/users/account-recovery

I have recognized that links can be used many times.

Besides, https://meta.answer.dev/users/account-activation?code=...

(account activation) has the same vulnerability.

Ok, thanks.

Here is the same report: https://hackerone.com/reports/685007

Impact

Account takeover.
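The fix the report asks for is that a recovery or activation code stops working after its first use and after a short lifetime. The Go store below is an added illustration written for this page, not code from answerdev/answer or from the linked fix commit; the type names, the 32-byte hex token format and the TTL are assumptions.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"sync"
	"time"
)

var ErrUnknownToken = errors.New("unknown or already used token")
var ErrExpiredToken = errors.New("token expired")

type entry struct{ userID string; expires time.Time }

// TokenStore issues recovery tokens that are time-limited and single-use.
type TokenStore struct {
	mu     sync.Mutex
	tokens map[string]entry
	ttl    time.Duration
}

func NewTokenStore(ttl time.Duration) *TokenStore {
	return &TokenStore{tokens: map[string]entry{}, ttl: ttl}
}

// Issue creates a fresh random token for userID: the value in the emailed link.
func (s *TokenStore) Issue(userID string) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil { return "", err }
	tok := hex.EncodeToString(buf)
	s.mu.Lock(); defer s.mu.Unlock()
	s.tokens[tok] = entry{userID: userID, expires: time.Now().Add(s.ttl)}
	return tok, nil
}

// Redeem validates tok and consumes it in the same critical section, so a second
// request with the same link gets ErrUnknownToken. Looking a token up without
// deleting it is the reusable-link behaviour this report describes.
func (s *TokenStore) Redeem(tok string) (string, error) {
	s.mu.Lock(); defer s.mu.Unlock()
	e, ok := s.tokens[tok]
	if !ok { return "", ErrUnknownToken }
	delete(s.tokens, tok) // single-use: removed whether or not it has expired
	if time.Now().After(e.expires) {
		return "", ErrExpiredToken
	}
	return e.userID, nil
}
```

The password change itself should only happen after Redeem returns a user, and a new password should also invalidate any other outstanding tokens for that account.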

We are processing your report and will contact the answerdev/answer team within 24 hours. 2 months ago
We have contacted a member of the answerdev/answer team and are waiting to hear back 2 months ago
oiiwroo
2 months ago

Researcher


anyone here :')

answerdev/answer maintainer validated this vulnerability a month ago

https://github.com/answerdev/answer/commit/813ad0b9894673b1bdd489a2e9ab60a44fe990af

oiiwroo has been awarded the disclosure bounty
The fix bounty is now up for grabs
The researcher's credibility has increased: +7
answerdev/answer maintainer marked this as fixed in 1.0.6 with commit 813ad0 a month ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
answerdev/answer maintainer published this vulnerability a month ago
oiiwroo
a month ago

Researcher


Thank :)
