Yandex money vulnerability or how to recover a payment password
Good afternoon, Habr!
I want to tell you a story of how easily and effortlessly it was possible to restore a payment password from Yandex.Money.
Recently, I came across an ad that offered Yandex.Money withdrawal services for a certain percentage, without a payment password. Searching the Internet, I came across a topic that described this method of recovering a payment password.
As you can see, the method was very simple.
I wrote to Yandex support, after which the vulnerability was closed, but I never received a response.