Improper Authentication vulnerability allow anyone to reset password in UBER

An Italian security expert Vincenzo C., who is popular on Twitter as @Procode701, has discovered a critical Authentication vulnerability in UBER by which anyone can reset the password for any account. The company held the Bug Bounty program which was operated by Hackerone where the researcher found the ‘Improper Authentication’ vulnerability.

Read full news article on E Hacking News