Content is hidden
Insecure Direct Object Reference (IDOR)
Email HTML Injection
Broken Access Control (BAC)
No Rate Limiting on Form
Sensitive Data Exposure
Subdomain Takeover
DoS
Authentication Bypass