Another shocking bug, this really is unacceptable, these types of companies should hire people who can spot these type of flaws!
improbable, too expensive. if i had the skill to detect such flaws, i could sell it in the dark web or to the company for lot of cash; i won't be satisfied with a poor monthly salary when i can get hundreds of grands in one shot. Some companies even employs tons of blackhats to specifically find and sell vulnerabilities to the best buyers.
Slack Bug Allowed Automating Account Takeover Attacks March 13, 2020 https://www.bleepingcomputer.com/ne...-allowed-automating-account-takeover-attacks/
