Forgot Password Vulnerability leads to Account Takeover

Hello all, recently I found a “Forgot Password – Account Takeover” vulnerability in one of the famous mobile applications (the vulnerability is now fixed). Although this might not be a new finding or any miracle attack, I just wanted to share this because here I wanted to share how badly the forgot password functionality was…