The application uses an insecure password reset. Improperly providing password reset functionality exposes weaknesses that may allow an attacker to capture or reset a user’s password. An attacker who takes advantage of these flaws can obtain unauthorized access to a user’s account and gain access to sensitive data in the application.
An insecure password reset allows an attacker to reset another user’s password in order to bypass authentication and gain access to user accounts. An attacker who can control user passwords can take over a user’s account and potentially access sensitive data or functions in the application.
How To Test
Sample Report Screenshots
Time Saving Tips