Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V4 - Access Control

Sensitive Token in URL

POC

Observe that a sensitive token is stored in the URL in one of the following ways:

- User Facing
- In the Background
- On Password Reset
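One way to check captured URLs (proxy history, access logs) for this condition, as an added example that is not part of the original wiki entry. The parameter word list, the length and entropy thresholds, and the `example.test` sample URLs are assumptions constructed for illustration.

```python
import math
import re
from urllib.parse import parse_qsl, urlsplit

# Assumed word list for credential-bearing parameter names; extend per application.
SENSITIVE_WORDS = {"token", "session", "sessionid", "sid", "jwt", "auth",
                   "apikey", "secret", "password"}
JWT_SHAPE = re.compile(r"^[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]*$")
OPAQUE_CHARS = re.compile(r"^[A-Za-z0-9_\-+/=.]{20,}$")

def entropy(value):
    """Shannon entropy in bits per character."""
    freqs = [value.count(c) / len(value) for c in set(value)]
    return -sum(p * math.log2(p) for p in freqs)

def name_is_sensitive(name):
    # Split "resetToken", "api_key", "access-token" into lowercase words.
    words = [w.lower() for w in re.findall(r"[A-Za-z][a-z]*", name)]
    return bool(SENSITIVE_WORDS & set(words + ["".join(words)]))

def looks_opaque(value):
    # Long, token charset, mixed letters and digits, high entropy: likely random.
    return bool(OPAQUE_CHARS.match(value)
                and re.search(r"\d", value) and re.search(r"[A-Za-z]", value)
                and entropy(value) >= 3.5)

def find_url_tokens(url):
    """Return (parameter, reason) pairs for query or fragment values that look like tokens."""
    parts = urlsplit(url)
    findings = []
    for source in (parts.query, parts.fragment):  # tokens can also sit after '#'
        for name, value in parse_qsl(source):
            if JWT_SHAPE.match(value):
                findings.append((name, "jwt-shaped value"))
            elif name_is_sensitive(name) and len(value) >= 8:
                findings.append((name, "sensitive parameter name"))
            elif looks_opaque(value):
                findings.append((name, "opaque high-entropy value"))
    return findings

# Constructed sample URLs, one per place listed above, plus a clean control.
SAMPLES = {
    "user facing": "https://app.example.test/dashboard?sessionid=4be1c0d97a6f42e8",
    "background": "https://api.example.test/v1/export?fmt=csv&t=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0In0.c2lnbmF0dXJl",
    "password reset": "https://app.example.test/reset?token=9f2c7a1be4d04c6f8a3b5d7e90f1a2c3",
    "clean": "https://app.example.test/search?q=access+control&page=2",
}
RESULTS = {where: find_url_tokens(url) for where, url in SAMPLES.items()}
```

Findings are candidates for manual confirmation: a flagged value still has to be shown to grant access before it is reported.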

Impact

Low-Medium

Likelihood

Low