HackerOne: Account takeover of existing HackerOne accounts through SCIM provisioning
Description

The SCIM provisioning feature in HackerOne's sandbox program was vulnerable to account takeover. An attacker could create a user with an email address they controlled, import existing users, assign the victim's account to the attacker's user, change the email parameter, and reset the password to gain access to the victim's account. The vulnerability existed due to issues with how the username and email fields were handled during the SCIM provisioning…