h1-ctf: [h1-415 2020] h1ctf{y3s_1m_c0sm1c_n0w}

Summary: add summary of the vulnerability Account takeover was possible because of the email validation used - [email protected] could be registered, but when the the system created the recovery QR code the extra symbols would get stripped leaving us with a valid recovery QR code to log into...