In this post, I will explain how I found an authentication bypass, and further explored the functionality of the website, to increase the impact of the submission. The target had a wide scope and the main domain did not have that much functionality, so after a quick look around, I…