HackerOne Bug Bounty Disclosure: changing-the-administrator-password-via-admin-console-does-not-invalidate-other-sessions-osama-hamad

Company Name:
PortSwigger Web Security

Company HackerOne URL:
https://hackerone.com/portswigger

Submitted By:
osama-hamad

Link to Submitters Profile:
https://hackerone.com/osama-hamad

Report Title:
Changing the administrator password via admin console does not invalidate other sessions

Report Link:
https://hackerone.com/reports/2279041

Date Submitted:
20 May 2024

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee

Patreon

To keep up to date follow us on the below channels.

HackerOne Bug Bounty Disclosure: changing-the-administrator-password-via-admin-console-does-not-invalidate-other-sessions-osama-hamad

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

API Security Threats: 83% of Companies Experience Security Incidents

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

You may have missed

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

API Security Threats: 83% of Companies Experience Security Incidents

Microsoft Power Pages: Misconfiguration Risks and Data Exposure