WhoAmI

I am Ankit Rathva, a first-year MCA student, an ethical hacker, and a security researcher with a passion for finding logic, authorization, and data-integrity flaws in web applications. As a bug bounty hunter and red teamer, I combine hands-on testing, forensic analysis, and careful disclosure to help teams fix impactful issues while protecting users. I publish clear, developer-friendly writeups and practical mitigation advice — connect to follow my work or collaborate on security research.

Connect with me: https://linkedin.com/in/ankitrathva


Getting your first bug bounty reward is always special. After spending a lot of time learning web security, testing applications, and understanding vulnerabilities, receiving that first reward feels like a milestone.

Recently, I discovered an Email Verification Bypass vulnerability in a web application. Even though the company classified it as Low Severity, it became my first bug bounty reward of $150, which was a great motivation for me to continue hunting.

In this article, I will explain how I discovered the vulnerability, how it works, and the potential impact.

🔍 Overview

  • Vulnerability Name: Email Verification Bypass
  • Impact: Verification of an email address without owning or accessing it
  • Severity: Low (as classified by the company)
  • Vector: Email change + cancel change logic flaw in the verification workflow
  • Risk: Attackers can bypass email verification controls and operate accounts with unverified or fake email addresses 🚨

Discovering the Vulnerability

While exploring the registration process, I tried different user flows and noticed that the email change and verification logic had a flaw.

The application allowed me to manipulate the verification process in a way that ultimately verified an unverified email address.

This resulted in an Email Verification Bypass.

🧪 Steps to Reproduce (PoC)

  1. Sign up with the victim email and click on register.
  2. The verification link will be sent to the victim email.
  3. Press the back button and you will be redirected to the account page, where you can see the "confirm your email" message.
  4. Now you can see the email edit option; click on the edit button.
  5. Enter an email which you are able to access, like your personal email.
  6. The new confirmation email link will be sent to your personal email.
  7. After changing the email, you can see a cancel change button in the email section of the account page.
  8. Click on the cancel change button.
  9. Boom. You can see that the victim email is automatically verified.

💥 Result: The system automatically verifies the original sign-up email address, even though that email was never verified.
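To make the flaw concrete, here is an added example of my own (not the application's code and not from the original writeup) that models the sign-up → edit email → cancel change workflow. The real server-side cause is not on the page, so this assumes the likely one: the cancel handler marks the current address as verified instead of restoring the status it had before the change. Every name below (Account, register, request_email_change, cancel_email_change_*) and the placeholder addresses are assumptions I constructed for the illustration.

```python
# Added example (not the application's or the author's code): a minimal model of the
# sign-up -> change email -> cancel change workflow, with the verification-status
# handling that produces the bypass beside a fixed version. The real server-side
# cause is not on the page; Account, request_email_change, cancel_email_change_*
# and the example addresses are assumptions.
from dataclasses import dataclass
from typing import Callable, Optional
import secrets


@dataclass
class Account:
    email: str                               # address currently on the account
    email_verified: bool = False             # has a confirmation link for `email` been clicked?
    pending_email: Optional[str] = None      # new address awaiting confirmation
    pending_token: Optional[str] = None      # token mailed to pending_email
    prior_verified: bool = False             # status of `email` when the change was requested


def register(email: str) -> Account:
    """Sign-up: the address is stored but stays unverified until its link is clicked."""
    return Account(email=email)


def request_email_change(acct: Account, new_email: str) -> str:
    """Start a change and return the token that would be e-mailed to new_email."""
    token = secrets.token_urlsafe(16)
    acct.prior_verified = acct.email_verified    # remember the old address's real status
    acct.pending_email, acct.pending_token = new_email, token
    return token


def confirm_email_change(acct: Account, token: str) -> bool:
    """Clicking the link: only the address the token was sent to becomes verified."""
    if acct.pending_token is None or not secrets.compare_digest(acct.pending_token, token):
        return False
    acct.email, acct.email_verified = acct.pending_email, True
    acct.pending_email = acct.pending_token = None
    return True


def cancel_email_change_vulnerable(acct: Account) -> None:
    """Vulnerable: 'no change pending' is treated as 'current address confirmed'."""
    acct.pending_email = acct.pending_token = None
    acct.email_verified = True    # BUG: the old address may never have been confirmed


def cancel_email_change_fixed(acct: Account) -> None:
    """Fixed: cancelling restores exactly the status the old address had before."""
    acct.pending_email = acct.pending_token = None
    acct.email_verified = acct.prior_verified


def replay_workflow(cancel: Callable[[Account], None]) -> bool:
    """Run the steps from the writeup (sign up, edit email, cancel change) and report
    whether the sign-up address ends up verified although its link was never used.
    The addresses are constructed placeholders."""
    acct = register("signup-address@example.invalid")   # its confirmation link is never clicked
    request_email_change(acct, "owned-address@example.invalid")
    cancel(acct)
    return acct.email == "signup-address@example.invalid" and acct.email_verified


if __name__ == "__main__":
    print("vulnerable cancel verifies unowned address:", replay_workflow(cancel_email_change_vulnerable))
    print("fixed cancel verifies unowned address:     ", replay_workflow(cancel_email_change_fixed))
```

The design point for the fix is that "verified" must be a fact recorded about a specific address when its token is presented, never something inferred from the absence of a pending change; snapshotting the prior status at request time (or, equivalently, keeping a per-address confirmation timestamp) lets the cancel path revert without granting trust. A regression test that replays the cancel path on a never-confirmed sign-up address is the check worth adding to the application's own suite.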

🎯 Impact

Although the platform classified this as Low Severity, it can still introduce several risks:

  • Attackers can bypass email verification controls
  • Malicious users can create unverified or fake accounts
  • The platform may face spam, abuse, or automated account creation
  • It may reduce trust in the account verification system

🛠 How the Company Responded

I reported the issue to the company's security team with a proof-of-concept video demonstrating the vulnerability.


Final Thoughts

This experience taught me an important lesson: small logic flaws can sometimes lead to security weaknesses.

Bug bounty hunting is not just about finding complex vulnerabilities. Sometimes carefully observing application workflows and edge cases can reveal interesting security issues.

Receiving my first $$$ bounty is just the beginning of my bug bounty journey, and I'm excited to keep learning and finding more vulnerabilities in the future.

If you want to read more findings, write-ups, and bug bounty guides, follow my Medium profile and turn on notifications — I post regular write-ups, technical walkthroughs, and practical mitigation tips. Thanks for reading!