HackerOne: Two-factor authentication bypass lead to information disclosure about the program and all hackers participate

Vulnerability description not provided...

HackerOne: Customer private program can disclose email any users through invited via username

Summary: Hey team,This bug could have been used by my calculations a long time ago Steps To Reproduce: 1Go to https://hackerone.com/hackeroneh1pbbp3/launch 2Take invite via username 3Input username , send invite 3.1When an invite is created, we get a token 4Now Go use GraphQL query...