Zomato: Authentication Bypassing and Sensitive Information Disclosure on Verify Email Address in Registration Flow
The zomato.com web application is vulnerable to authentication bypassing and sensitive information disclosure. The flaw exist in “Verify Email Address” link which is received in a mail after registration. Once the user enters Full Name, Email Address and Password during registration, he/she is...