Hey everyone! We’re at Day 25 of our bug bounty deep dive, and today’s find is a classic example of why you should never trust a process just because it looks secure. The target was a popular social media platform with over a million users. Their password reset flow was textbook: enter email, get a link, set a new password. But during testing, I noticed a tiny, almost imperceptible quirk. If you requested two reset emails in quick succession, the system got confused. This confusion was the tip of the iceberg. By exploiting a fundamental flaw in the application’s “state machine” — the logic that governs the status of a reset process — I was able to create a script that automatically compromised user accounts faster than their owners could secure them. The platform paid a $5000 bounty for this critical logic flaw.
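For contrast with the confused state handling described above, here is an added example (my own illustration, not the platform's code or anything from the original post) of a reset store that keeps exactly one live token per account, lets a second request supersede the first, and makes the valid-to-consumed transition atomic so two racing submissions cannot both succeed. The class and its names are assumptions for the illustration.

```python
import hashlib
import hmac
import secrets
import threading
import time
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class ResetState:
    # Only the hash of the token is stored, so a database leak does not leak usable links.
    token_hash: str
    expires_at: float
    consumed: bool = False


class PasswordResetStore:
    """Hypothetical reset-state store: one live token per user, single-use, guarded by a lock."""

    def __init__(self, ttl_seconds: int = 900) -> None:
        self._ttl = ttl_seconds
        self._states: Dict[str, ResetState] = {}
        self._lock = threading.Lock()

    def request_reset(self, user_id: str) -> str:
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        with self._lock:
            # Overwriting the entry invalidates any earlier, still-unused token for this user.
            self._states[user_id] = ResetState(digest, time.time() + self._ttl)
        return token

    def consume(self, user_id: str, token: str) -> bool:
        digest = hashlib.sha256(token.encode()).hexdigest()
        with self._lock:
            st = self._states.get(user_id)
            if st is None or st.consumed or time.time() > st.expires_at:
                return False
            if not hmac.compare_digest(st.token_hash, digest):
                return False
            st.consumed = True  # check and state change happen under the same lock
            return True


def concurrent_consume_count(store: PasswordResetStore, user_id: str, token: str, n: int = 8) -> int:
    """Submit the same token from n threads at once; a correct store lets exactly one through."""
    results = []
    workers = [threading.Thread(target=lambda: results.append(store.consume(user_id, token))) for _ in range(n)]
    for w in workers:
        w.start()
    for w in workers:
        w.join()
    return sum(results)
```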
The Psychology of Password Reset
Password reset is a critical trust pathway. Users are trained to click the link in their email without a second thought. This makes it a prime target for attackers. Most tests focus on token leakage or predictability. But the real vulnerability often lies in the…