- registers account and logs in (no need to verify)
- changes email address to another mail and verifies it
- clicks on old verification link which was sent to old mail
- account is deleted!
(TO DELETE THE ACCOUNT YOU HAVE TO CONTACT SUPPORT) #bugbountytip#bugbountytips
original report!
its just that if old gmail acc is compromised then also the attacker can use verification link and it will delete that account meanwhile. to delete account i think u have to contact support and do some verification stuffs!
• • •
Missing some Tweet in this thread? You can try to
force a refresh
I have seen many reports regarding MFA bypass and many repos has got techniques to bypass MFA but here is one of my personal method or never seen before technique to bypass MFA, make sure to add it to your checklist ;)..... follow 👇