Dozens of web apps vulnerable to DNS cache poisoning via ‘forgot password’ feature
In a study of 146 web applications, Timo Longin, security researcher at SEC Consult, found misconfigurations that malicious actors could exploit to redirect password reset emails to their own servers.