Chaining rate limiting for account lockout

While I was testing for an android app of a public bug bounty program in Bugcrowd, I noticed there was lack of rate limiting in different forms and actions.
Rate limiting are basically low hanging bugs and out of scope most of the time but one thing that particularly caught my attention was forgot password feature.

While I tried to reset password for a particular email, instead of sending the password reset email , password was reset automatically and sent to inbox.
So, I intercepted the request at sent to intruder for changing…