Actions

Support #3108

open

Unauthenticated Self-Registration Endpoint

Added by Veng Liza 21 days ago. Updated 21 days ago.

Status:
Completed
Priority:
Normal
Assignee:
Start date:
06/23/2026
Due date:
06/23/2026 (21 days late)
% Done:

100%

Estimated time:
Tester:
Testing Percentages:
0%

Description

The user registration endpoint is accessible without authentication. The endpoint processes requests and returns detailed validation errors, revealing required registration parameters and account creation requirements. This information may assist attackers in crafting valid registration requests and abusing the registration functionality.


Related issues 2 (2 open0 closed)

Copied from Support #3094: Potential IDOR – Unauthorized Modification of Internal Business Pairing DataCompletedSall Sokkheng06/25/202606/26/2026

Actions
Copied to Support #3109: Improper Error Handling CompletedVeng Liza06/24/202606/24/2026

Actions
Actions

Also available in: Atom PDF