This incident, which I am going to share with you, dates back to when I first started learning what testing was... Maybe you too will find this interesting. I used to work as a freelancer, and I was given a website to test. As I was starting out as a tester, I was really excited. There was no documentation, so I was actually doing ET (I didn't know that was exploratory testing at that point :))
It was then I found this out. The bug was pretty funny but a very serious security flaw.
The ‘Forgot password section’:
As you all know, the forgot password section is of great use in any website, but if not properly validated it could be a very serious security issue.
The system sends the password to any given email id without validating whether the given id is mapped to the corresponding user name in the system database.
I was just negative testing it, but the password was actually sent to the email address. This was a real security flaw. A big one.
That was one bug that changed my whole concept of testing.
I think this is going to help you guys too, because I still find websites (being tested) with similar issues. It's a wolf in sheep's disguise, guys.
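The flaw described above, next to one way of closing it, as an added example that is not part of the original post or the tested site's code. The user store, the mail outbox, the function names and the sample account are all constructed for illustration; sending a single-use reset token instead of the password goes one step beyond the mapping check the post calls for.

```python
import hashlib
import hmac
import secrets

# Constructed sample data. The password is kept in recoverable form only
# because the flawed flow in the post mails it out.
USERS = {"alice": {"email": "alice@example.com", "password": "s3cret-pw"}}
RESET_TOKENS = {}   # sha256(token) -> username; hypothetical token store
OUTBOX = []         # (recipient, body) pairs, stands in for a mail server

GENERIC_REPLY = "If the details match an account, a reset link has been sent."


def forgot_password_flawed(username, email):
    """Behaviour described in the post: the address typed into the form
    is trusted and never compared with the one stored for the user."""
    user = USERS.get(username)
    if user is None:
        return "Unknown user"
    OUTBOX.append((email, "Your password is " + user["password"]))
    return "Password sent"


def forgot_password_checked(username, email):
    """Mail only the address on record, and mail a single-use reset token
    instead of the password. The reply is identical on every path, so the
    form does not reveal which user names or addresses exist."""
    user = USERS.get(username)
    on_record = user["email"] if user else ""
    supplied = email.strip().lower().encode()
    if user and hmac.compare_digest(supplied, on_record.lower().encode()):
        token = secrets.token_urlsafe(32)
        # Store only a hash of the token, never the token itself.
        RESET_TOKENS[hashlib.sha256(token.encode()).hexdigest()] = username
        OUTBOX.append((on_record, "Reset token: " + token))
    return GENERIC_REPLY


if __name__ == "__main__":
    forgot_password_flawed("alice", "someone-else@example.net")
    print("flawed :", OUTBOX[-1])
    OUTBOX.clear()
    forgot_password_checked("alice", "someone-else@example.net")
    print("checked, mismatched address:", OUTBOX)
    forgot_password_checked("alice", "alice@example.com")
    print("checked, matching address  :", OUTBOX[-1][0])
```

A regression test for this class of bug asserts that a mismatched user name and address pair produces no outgoing mail at all.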
You got the header right..... I have always used "Disguise" with boon, but this really is a Wolf in disguise without much thought......... Though you might have found it to be initially, I am pretty sure that this would be one bug that would remain with you forever...... To end - "Life's funny, but be secure"...
Thank you Peixe...
Yea sure it is!
:) Thanks for the comment!!!!
You know why these errors are created by programmers .. Cause they are very keen to test testers testing ability. :-)
Don’t fall in any pit
@ rebirth in a mono color world:
This is one Xcuse we get to hear all the time. Try a better one mate!!!