Share
## https://sploitus.com/exploit?id=PACKETSTORM:168423
# Exploit Title: Bookwyrm v0.4.3 - Authentication Bypass  
# Date: 2022-08-4  
# Exploit Author: Akshay Ravi  
# Vendor Homepage: https://github.com/bookwyrm-social/bookwyrm  
# Software Link: https://github.com/bookwyrm-social/bookwyrm/releases/tag/v0.4.3  
# Version: <= 4.0.3  
# Tested on: MacOS Monterey  
# CVE: CVE-2022-2651  
# Original Report Link: https://huntr.dev/bounties/428eee94-f1a0-45d0-9e25-318641115550/  
  
Description: Email Verification Bypass Leads To Account Takeover in bookwyrm-social/bookwyrm v0.4.3 Due To Lack Of Ratelimit Protection  
  
# Steps to reproduce:  
  
1. Create a acount with victims email id  
2. When the account is created, its ask for email confirmation via validating OTP   
Endpoint: https://site/confirm-email  
3. Enter any random OTP and try to perfrom bruteforce attack and if otp matches, We can takeover that account