Authentication Bypass

Severity:

Medium

How to test:

Check if post-authentication URLs are directly accessible without any authentication cookies or relevant headers.
n case the URL is guessable or accessible without auth, it can lead to an account takeover.

PreviousAUTHENTICATION NextLack of Password Confirmation

Last updated 1 year ago