- User Enumeration
- Missing Rate Limiting
- SQL Injection
- Cross-Site Scripting
- Text Injection/Content Spoofing
- HTML Injection in Email
- Password Reset Poisoning via Host Header Injection
- Re-usable Password Reset Token
- No Expiration on Password Reset Token
- Guessable Password Reset Token
-
Security Question Bypass during Password Reset
- Direct Request
- Referrer Check Bypass
- Parameter Pollution
- Reset Token Leakage in Response
- Password Reset OTP Brute-Force
- Weak Cryptography in Reset Token Generation
- Insecure Direct Object Reference
- IDN Homograph Attack
- Account Takeovers
- Third-Party Leakage
- Weak Password Policy
- Insufficient Session Expiration on Password Change
- MFA Auto Disable after Password Reset
- MindMap By: Harsh Bothra
Twitter: @harshbothra_
https://harshbothra.tech