idor misconfiguration vulnerability poc|| bug bounty 2023

Why you put invalid email than in burp you remove the invalid so weird this is not bug, you are not hacker

Thank you 👏very good

Please correct me your finding is that the email you updated and try to login with previous credentials but not login after that you tried to send forget password through previous email and it send the link in the email that is misconfigration

😮

like we have to add extra letters in email address and change it in intercepted request after forwarding it will not ask for password right?

not understannd bro can anyone please explain me

i need your latest video about sqli, but u made it private

biunty,?

Can explain it or can u share the report