Weak Password policy on account registration in answerdev/answer
Apr 26th 2023
It was observed that application allows to create account with Blank spaces as password
Proof of Concept
1. Go to https://meta.answer.dev/users/register 2. Create account with 10 blank spaces as password Result: Application allows to create user account with blank spaces as password
The vulnerability may allow an attacker to guess users’ passwords and gain unauthorized access to the application.