bitaccess: BYASSING OTP Verification

2016-04-13T22:35:48
ID H1:130460
Type hackerone
Reporter geekboy
Modified 2016-06-22T19:18:43

Description

OTP was not properly checked on the session so it could have been bypassed by intercepting the server response and changing its value to valid.