The dev tools on Grindr’s password-reset page displayed a password-reset URL that should’ve only been accessible from a user’s email inbox.
(CHRIS DELMAS/AFP via Getty Images) Grindr has fixed a security flaw that allowed for password resets without access to a user’s email inbox, and said it will introduce a bug bounty program to simplify vulnerability reporting. As security researcher Troy Hunt outlines, the flaw was present on Grindr’s password reset site. After entering an email address and solving a CAPTCHA, the site produced a message that told people to check their email for a password reset link. Opening up the dev tools of that site, however, anyone could view the reset URL that was sent to the user; no access to their email inbox necessary. “This is one of the most basic account takeover techniques I’ve seen,” Hunt writes.
