weak protection against brute-forcing on login api leads to account takeover https://hackerone.com/reports/766875 Severity: Critical Reported To: Palo Alto Software Reported By: #zer0code State: Resolved Disclosed: August 29, 2022, 6:23pm (UTC) 220 views18:35