Skip to content
#

broken-authentication

Here are 13 public repositories matching this topic...

The application contained a broken password reset implementation that failed to properly validate the relationship between the password reset request and the intended user account. By manipulating user-controlled parameters during the reset process, it was possible to reset another user's password without proper authorization.

  • Updated Jul 4, 2026

Improve this page

Add a description, image, and links to the broken-authentication topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the broken-authentication topic, visit your repo's landing page and select "manage topics."

Learn more