V3 - Session Management
Password Link Expiration Errors
POC
- Send a password reset link
- Use the link multiple times and observe it’s not expired after one time use
Impact
Low-Medium(if the token in the link is not complex and brute-forceable)
Likelihood
Low