HackerOne: Lack of Validation in Reward Redemption Allows Unlimited Burp Suite License Abuse
A vulnerability was discovered in the reward redemption process of a points and rewards system. The vulnerability allowed an attacker to obtain multiple valid Burp Suite Pro licenses by using different email addresses, without any validation or verification tied to the user's account. The email...