Factlink: Meta characters not filtered on signup

2014-05-27T18:03:49
ID H1:13679
Type hackerone
Reporter shahmeer-amir
Modified 2014-07-08T10:00:32

Description

You have not filtered control meta characters such as %00 etc on the sign up which allows an attacker to impersonate or hide their real identity within the application