|
|
|
|
|
|
by ohithereyou
2301 days ago
|
|
|
All the more reason to not submit bugs like this to HackerOne. If you can bypass 2FA by having only one factor then I wouldn't consider that 'stolen credentials' and more a singular stolen credential. Their system is designed to defend against this and it does so ineffectively. That is, by definiton, a security issue. I wish I could define what is and isn't a bug in my code at work. My defect rate would be incredible. |
|
|