beancount-mobile

Password reset link does not expire after a new reset link is requested

Open Amitkumar711 opened this issue 2 years ago • 0 comments

Hello Security Team

I would like to report a security issue.

Vulnerability details:

Vulnerable link: https://beancount.io/forgot-password
Vulnerability name: Password reset link does not expire after a new reset link is requested

Steps to reproduce:

  1. Go to the password reset page.
  2. Enter an email address and receive a password reset link.
  3. Do not use the link.
  4. Go to the login page again and request another password reset link.
  5. Now use the old reset link (the one sent in step 2) to reset the password.
  6. The link works! The password is reset.

Explanation: Suppose at 07:00 I used the password reset option of beancount.io and received a token by email. Let's call it token 01. I did not use it. At 07:02 I used the password reset option again and received a new token, token 02. Normally, once token 02 is issued, the previous unused token should expire. On beancount.io, that is not happening.

Mitigation: All unused tokens should expire automatically once a new token is issued.

Please fix the issue.

Thanks & Regards, Amit kumar

Amitkumar711 · Apr 06 '24 13:04
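The two behaviours described in the report, side by side, as an added example that is not beancount.io's or the reporter's code. `NaiveResetStore` keeps every issued token valid until its own expiry, which is the reported bug; `ResetStore` revokes the account's earlier token whenever a new one is issued, makes each token single use, and stores only a hash of the token. The 15-minute lifetime, the `secrets.token_urlsafe` token format, the in-memory dictionaries and the `reproduce` helper are assumptions for the demonstration, not details taken from the service.

```python
import hashlib
import secrets
import time

# Assumption for this example: a reset link lives 15 minutes. The report does
# not state beancount.io's actual lifetime.
TOKEN_TTL_SECONDS = 15 * 60


def _digest(token: str) -> str:
    # Only a hash of the token is stored, so a database leak yields no usable links.
    return hashlib.sha256(token.encode("ascii")).hexdigest()


class NaiveResetStore:
    """Reproduces the reported behaviour: every issued token stays valid until
    its own expiry, so an older unused link still resets the password."""

    def __init__(self):
        self._by_digest = {}  # digest -> (email, expires_at)

    def issue(self, email, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 bits of entropy
        self._by_digest[_digest(token)] = (email, now + TOKEN_TTL_SECONDS)
        return token

    def consume(self, token, now=None):
        """Returns the account e-mail if the token is usable, else None."""
        now = time.time() if now is None else now
        entry = self._by_digest.get(_digest(token))
        if entry is None or now >= entry[1]:
            return None
        return entry[0]  # nothing is deleted, so the link keeps working


class ResetStore:
    """Hardened store: issuing a token revokes the account's earlier one,
    a token is single use, and it expires after TOKEN_TTL_SECONDS."""

    def __init__(self):
        self._by_digest = {}  # digest -> (email, expires_at)
        self._live = {}       # email -> digest of the only valid token

    def issue(self, email, now=None):
        now = time.time() if now is None else now
        self.invalidate(email)  # the fix: a new request kills the old link
        token = secrets.token_urlsafe(32)
        d = _digest(token)
        self._by_digest[d] = (email, now + TOKEN_TTL_SECONDS)
        self._live[email] = d
        return token

    def consume(self, token, now=None):
        """Returns the account e-mail on success, else None. The token is
        burned on any hit, whether it was still valid or already expired."""
        now = time.time() if now is None else now
        entry = self._by_digest.get(_digest(token))
        if entry is None:
            return None
        email, expires_at = entry
        self.invalidate(email)  # single use
        return None if now >= expires_at else email

    def invalidate(self, email):
        """Also call this when the password changes by any other route."""
        old = self._live.pop(email, None)
        if old is not None:
            self._by_digest.pop(old, None)


def reproduce(store_cls):
    """Walks the reporter's steps against a store and returns
    (old link still worked, new link worked)."""
    store = store_cls()
    t0 = 1_700_000_000.0                                       # constructed fixed clock
    token_01 = store.issue("user@example.com", now=t0)         # 07:00, left unused
    token_02 = store.issue("user@example.com", now=t0 + 120)   # 07:02, second request
    old_link = store.consume(token_01, now=t0 + 180) is not None
    new_link = store.consume(token_02, now=t0 + 240) is not None
    return old_link, new_link


if __name__ == "__main__":
    print("naive  (old, new):", reproduce(NaiveResetStore))  # (True, True)
    print("fixed  (old, new):", reproduce(ResetStore))       # (False, True)
```

Keying the live token per account (`_live`) is what makes revocation cheap: the second request only has to drop one digest. Burning the token on a successful reset closes the companion hole where the link that just reset the password could be replayed.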