← All Labs
Password Reset — Predictable Token
OldMail's password reset uses a token that's just the user's ID + the current timestamp, base64-encoded. Reset the admin's password by guessing the token.
OldMail's password reset uses a token that's just the user's ID + the current timestamp, base64-encoded. Reset the admin's password by guessing the token.