Logic Flaw Vulnerability at My NJ Client APP Change Password Function
My Nanjing Client APP is a city-level public service mobile application that integrates all kinds of living information in Nanjing. A logic flaw exists in the password change function of MyNJ Client APP. Since the original password is not verified when changing the password, it allows an attacker...