Username enumeration via different responses
2FA simple bypass
Password reset broken logic
Username enumeration via subtly different responses
Last updated 10 months ago