Etiqueta: Apprentice

CORS vulnerability with basic origin reflection

Password reset broken logic

2FA simple bypass

Username enumeration via different responses

Authentication bypass via OAuth implicit flow

Flawed enforcement of business rules

Inconsistent security controls

High-level logic vulnerability

Excessive trust in client-side controls

Information disclosure in version control history