Actions

Support #3108

open

Unauthenticated Self-Registration Endpoint

Added by Veng Liza 21 days ago. Updated 21 days ago.

Status:
Completed
Priority:
Normal
Assignee:
Start date:
06/23/2026
Due date:
06/23/2026 (21 days late)
% Done:

100%

Estimated time:
Tester:
Testing Percentages:
0%

Description

The user registration endpoint is accessible without authentication. The endpoint processes requests and returns detailed validation errors, revealing required registration parameters and account creation requirements. This information may assist attackers in crafting valid registration requests and abusing the registration functionality.


Related issues 2 (2 open0 closed)

Copied from Support #3094: Potential IDOR – Unauthorized Modification of Internal Business Pairing DataCompletedSall Sokkheng06/25/202606/26/2026

Actions
Copied to Support #3109: Improper Error Handling CompletedVeng Liza06/24/202606/24/2026

Actions
Actions #1

Updated by Veng Liza 21 days ago

  • Copied from Support #3094: Potential IDOR – Unauthorized Modification of Internal Business Pairing Data added
Actions #2

Updated by Veng Liza 21 days ago

Actions #3

Updated by Veng Liza 21 days ago

  • Due date changed from 06/26/2026 to 06/23/2026
  • Status changed from In Progress to Completed
  • Start date changed from 06/25/2026 to 06/23/2026
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF