A critical vulnerability known as Password Reset Link Poisoning has recently come under the spotlight, exposing web users and organizations to the risk of full account takeover. This flaw, which leverages Host Header Injection, enables attackers to manipulate the domain in password reset links, redirecting users to malicious sites and capturing sensitive reset tokens in the process, […]

The post Password Reset Link Poisoning Leads to Full Account Takeover appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/password-reset-link-poisoning/