Yandex money vulnerability or how to recover a payment password
![image](https://habrastorage.org/files/ba3/533/2f0/ba35332f0b434850a2f935fc24730375.jpg)
Good afternoon, Habr!
I want to tell you a story of how easily and effortlessly it was possible to restore a payment password from Yandex.Money.
Recently, I came across an ad that offered Yandex.Money withdrawal services for a certain percentage, without a payment password. Searching the Internet, I came across a topic that described this method of recovering a payment password.
As you can see, the method was very simple.
I wrote to Yandex support, after which the vulnerability was closed, but I never received a response.