Y
Hacker News
new
|
ask
|
show
|
jobs
by
pedrobelo
5090 days ago
Kind of a long shot, but their "forgot password" flow allows for username enumeration attacks:
https://www.dropbox.com/forgot