Doppler: email spoofing on

ID H1:1071521
Type hackerone
Reporter ibrahimauwal
Modified 2021-01-04T21:12:36



There is an Email Spoofing vulnerability on your domain which allows an attacker to send an email with your domain name(such as and so on).

Steps To Reproduce:

  1. Go to
  2. Fill "From Email" field to or any other doppler email.
  3. Fill the victim's address (your email for test purpose) to "TO" field and fill in other details as you wish. You will receive email from doppler admin.


an attacker can send malicious emails to users on your behalf(using your domain)