Mail.ru: No bruteforce protection leads to enumeration of emails in http://e.mail.ru/
There is no bruteforce protection here http://e.mail.ru/cgi-bin/passrestore?email=email here Also the actual thing is when I put a non-existing email in the above url's "email" parameter I get an error. But if i put my email there it gives the option to recover my password which means the email...