Summary :
A bug in the Forgot Password flow results in the disclosure of usernames via email, potentially violating user privacy and security policies.
Steps to Reproduce:
- Go to the Forgot Password page and enter your victim’s email address.
- Intercept the request and look at the decode option.
- You will see your victim’s full user name, first name and last name.
- Please see the PoC video.
Expected Behavior :
Usernames should not be included in email communications, especially in headers or other areas visible to unauthorized recipients. Instead:
Use anonymized references (e.g., “Dear User”).
Avoid including sensitive data in email headers.
Security Impact :
Exposure of usernames could lead to targeted attacks (e.g., phishing, social engineering).
Violates user privacy expectations and may breach compliance standards (e.g., GDPR, CCPA).
Suggested Fix :
Remove usernames from emails where not essential.
Use generic placeholders or hashed values if identification is necessary.
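An added example (not code from the report or the affected application) of a forgot-password handler implementing the suggested fix: the HTTP response is identical whether or not the address is registered and carries no profile fields, and the reset email uses a generic "Dear User" salutation. The user store, mailer and reset link host are constructed stand-ins.

```python
import secrets

# Constructed sample user store: email -> profile (the fields the bug exposed).
USERS = {
    "alice@example.com": {"username": "alice87", "first": "Alice", "last": "Smith"},
}

# Profile fields that must never appear in the response body or the email.
IDENTIFYING_FIELDS = ("username", "first", "last")

# Stand-in outbox so the example runs offline; a real mailer would go here.
OUTBOX = []


def issue_reset_token() -> str:
    """Opaque single-use token; only ever stored server-side and sent to the mailbox owner."""
    return secrets.token_urlsafe(32)


def build_reset_email(token: str) -> dict:
    """Anonymised reset mail: generic salutation, no username or real name anywhere."""
    return {
        "subject": "Password reset request",
        "body": ("Dear User,\n\nA password reset was requested for this address. "
                 "Use the link below to continue:\n"
                 f"https://example.invalid/reset?token={token}\n"),  # hypothetical host
    }


def send_mail(to: str, mail: dict) -> None:
    OUTBOX.append({"to": to, **mail})


def forgot_password(email: str, store=USERS) -> dict:
    """Return one constant response regardless of account existence, so the
    endpoint discloses neither profile data nor whether the email is registered."""
    profile = store.get(email.strip().lower())
    if profile is not None:
        send_mail(email, build_reset_email(issue_reset_token()))
    return {"status": "ok",
            "message": "If an account exists for this address, a reset link has been sent."}


def leaks_profile(payload: dict, profile: dict) -> bool:
    """Regression check: does any identifying field value appear in the payload?"""
    text = repr(payload)
    return any(profile[field] in text for field in IDENTIFYING_FIELDS)
```

`leaks_profile` can be pointed at both the JSON response and the rendered email to catch a reintroduction of the disclosure in tests.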