F102. Email uniqueness not properly verified

Description

The system performs a partial check on the uniqueness of email addresses, as it does not properly filter the "+" character. As a result, "user@exam.com", "user+1@exam.com" and "user+100@exam.com" are considered independent despite the fact that they all represent the "user@exam.com" email account. This lack of validation could cause two independent accounts to be linked to the same email address.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy