Hey @VOXI_UK! There’s a security #vulnerability in your website. An attacker can (a) exfiltrate mobile numbers and (b) authenticate bypassing OTP.
Not sure who to talk to about ethical disclosure. Let me know?
Next Post:
Do What You’re Bad At
Do What You’re Bad At
2 replies to this post
Leave a Reply Cancel reply
Related Posts
NISTs new password rules what you need to know
It’s no secret. We’re really bad at passwords. Nevertheless, they aren’t going away any time soon. With so many websites…
Milk and Mail Notifications with Flic 2 Buttons
Dan deploys Flic 2 "smart buttons" to remind him to read his post and bring the milk in.
How Edge Follows In IE's Security Failings
Replicating an experiment Steve Gibson performed into browser EV certificate acceptance, Dan discovers that an ugly security-weakening "feature" of Internet…
I'd Like to Change my Mother's Maiden Name
LastPass users are having to cycle their passwords in the light of a recent security incident. That might well include…
Hey Dan. Thanks for bringing this to our attention, can you please drop us a DM so we can take a further look into this? This can also be reported on the link here – vodafone.com/about-vodafone… 🙂 Liam
Thanks; I’ve filed a report now.