This is a cool business logic flaw. While hunting on the xyz website, I discovered that users could bypass the email-uniqueness restriction during account creation by manipulating email formatting (for example, using dots or character addressing).
Here is the flow:
Page 1: Registration >> Unwhitelisted email (Blocked) >> Whitelisted email (Accepted)
Page 2: Resend token/email not received >> Modify to Unwhitelisted email (Accepted)
The system initially prevents creating accounts with similar email formats, but on another tab, users could trigger the “email not received” option and then modify the email to the unwhitelisted email format to receive a confirmation email.
The impact was that users could bypass the initial restriction enforced on the account creation page by going through the “email not received” page instead.
Tips:
Bug bounties require patience and a careful understanding of how an application works. Always check for inconsistent validation or normalization across different endpoints.
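As an added example (not code from the post or from the xyz site) of the tip above: one shared validate() that both registration and the resend-confirmation path call, with the vulnerable resend handler beside the hardened one. The whitelist, the in-memory user store and the rule that dots and "+tags" fold into one identity are constructed assumptions.

```python
ALLOWED_DOMAINS = {"example.com"}  # constructed whitelist, not the real site's
users = {}                         # user id -> address the confirmation mail goes to
claimed_emails = {}                # canonical email -> user id (uniqueness index)


def normalize_email(addr: str) -> str:
    """Fold dot/plus variants into one canonical identity (assumes the provider ignores them)."""
    local, sep, domain = addr.strip().lower().rpartition("@")
    if not (sep and local and domain):
        raise ValueError("malformed address")
    local = local.split("+", 1)[0].replace(".", "")
    return f"{local}@{domain}"


def validate(addr: str, current_user=None) -> str:
    """The single policy check every email-accepting endpoint must call."""
    canon = normalize_email(addr)
    if canon.rpartition("@")[2] not in ALLOWED_DOMAINS:
        raise PermissionError("domain not whitelisted")
    owner = claimed_emails.get(canon)
    if owner is not None and owner != current_user:
        raise ValueError("email already registered")
    return canon


def register(addr: str) -> str:
    canon = validate(addr)
    uid = f"u{len(users) + 1}"
    users[uid], claimed_emails[canon] = addr, uid
    return uid


def resend_confirmation_vulnerable(uid: str, new_addr: str) -> str:
    # Bug pattern from the post: the resend form takes the edited address as-is,
    # so the checks enforced at registration never run on this path.
    users[uid] = new_addr
    return new_addr


def resend_confirmation_hardened(uid: str, new_addr: str) -> str:
    # Fix: re-run validate() and keep the uniqueness index in step with the change.
    canon = validate(new_addr, current_user=uid)
    claimed_emails.pop(normalize_email(users[uid]), None)
    claimed_emails[canon], users[uid] = uid, new_addr
    return canon


def outcome(fn, *args):
    """Return the function's result, or the name of the exception it raised."""
    try:
        return fn(*args)
    except (ValueError, PermissionError) as exc:
        return type(exc).__name__
```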
Feel free to connect with me on LinkedIn or X:
https://www.linkedin.com/in/umanhonlen/
Thank you!