A critical authentication bypass vulnerability in Companies House allowed unauthenticated access to any company's dashboard by using the browser back button after a failed authentication attempt. The flaw exposed personal information (home addresses, email addresses, full dates of birth) for 5 million directors and enabled editing of company details and filing of accounts.
GitHub's sudo mode feature requires re-authentication for sensitive account actions (email changes, SSH key additions, PAT creation, third-party app authorization) with a 2-hour session timeout. Users can confirm access via password, passkey, security key, GitHub Mobile, 2FA code, or social login email.
A 2FA bypass vulnerability was discovered on Pandao.ru (part of Mail.ru's extended program) where the CSRF tokens used to disable 2FA never expire, allowing an attacker to reuse the same token to disable 2FA on victim accounts. The vulnerability was reported, but no bounty was awarded because the program excludes client-side attacks.
A logic flaw in the 2FA implementations of multiple platforms (Google, Microsoft, Instagram, Cloudflare) allows an attacker to maintain persistence after password recovery by exploiting session renewal on the 2FA page and leveraging the fact that 2FA codes from a disabled authenticator still validate, enabling account takeover without knowing the current password.
A bug bounty writeup demonstrating how multiple vulnerabilities (CORS misconfiguration, open redirect, XSS, session non-invalidation, and logical bugs) were chained together to achieve full account takeover and steal user data including email addresses, discount codes, and purchase history.
Ribose had an IDOR vulnerability allowing attackers to delete or modify other users' profile photos by simply changing the user ID in DELETE/POST requests while reusing their own valid CSRF token and session, effectively bypassing authorization checks.
A CSRF vulnerability on Mail.ru's Pandao.ru subdomain allowed disabling 2FA on victim accounts by reusing a non-expiring CSRF token, demonstrating a client-side authentication bypass technique via malicious HTML file delivery.
Parevo Core is a modular Go library that consolidates authentication, multi-tenancy, and permission management (RBAC/ABAC) across common web frameworks and databases. It provides auth primitives (JWT, OAuth2, SAML, LDAP, WebAuthn), tenant isolation with SQL filters, and pluggable storage adapters for MySQL, Postgres, MongoDB, and Redis.