Server side info disclosure/ Spamming inbox #1041
My name is suleman Malik and im security researcher. I have found a security vulnerability on https://www.python.org/accounts/password/reset/. Password reset is vulnerable to email flooding vuln. Image is attached with this report.
Here are two links that are disclosing server side information including server name version and operating system being used on python.org.
The text was updated successfully, but these errors were encountered: