-
August 18th, 2009, 08:27 PM
#1
tagged.com emails auto-login
I just signed up for tagged.com because I heard about something strange...
Apparently - they send email notifications with tokens in the URL that authenticate you automatically to their site after clicking...
I was wondering what kind of vulnerabilities would exist with this... For instance if my email account is ever used by anyone else again, they would receive these emails that let them into my account.
At the same time though, password reset emails would get them in all the same.
Does anyone else see this as a problem? It seems fishy...
Similar Threads
-
By FanacooL in forum Computer Forensics
Replies: 13
Last Post: September 5th, 2006, 09:46 AM
-
By valhallen in forum Programming Security
Replies: 10
Last Post: August 29th, 2006, 10:46 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By mani034 in forum *nix Security Discussions
Replies: 5
Last Post: September 25th, 2003, 01:19 PM
-
By -DaRK-RaiDeR- in forum Newbie Security Questions
Replies: 9
Last Post: December 14th, 2002, 08:38 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|