You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 16, 2019. It is now read-only.
Once an auth token is stolen - which is sent in cleartext via a GET request in some cases (reset.php for instance) - an account is permanently compromised. Any attacker can visit isense's reset.php with a stolen auth key and reset the password of the targeted user.
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Once an auth token is stolen - which is sent in cleartext via a GET request in some cases (reset.php for instance) - an account is permanently compromised. Any attacker can visit isense's reset.php with a stolen auth key and reset the password of the targeted user.
The text was updated successfully, but these errors were encountered: