- First, when I create an account on the sites, more than one request goes to the server
- And one of the requests was to put the name of the account
- In the response of the request, there was an email for the name in the request
- So I said, well, why don’t you try to change the name ?
- I was shocked after I saw that if I changed the name, I could see the email of the user in the Response
- Then I said let me try to add an email header to the request And see what happens ?
- I was shocked after the email was changed in response !
- So I went to my second account profile immediately to see if the email had changed ?
- Unfortunately, it was not changed, although it was changed in response !
- Then I said maybe it was changed in the Back-End Only ?
- I went to reset the password with the email that I changed
- I was shocked when I saw that I had received a reset password email !!!\
- Now I was able to take over any account just by knowing the username !