From a0d4e6bc140e73fba6d19de90514987b937a57ba Mon Sep 17 00:00:00 2001 From: Zach Heller Date: Mon, 8 May 2023 10:00:19 -0700 Subject: [PATCH] Add space to 0xa2-broken-authentication.md --- 2023/en/src/0xa2-broken-authentication.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/2023/en/src/0xa2-broken-authentication.md b/2023/en/src/0xa2-broken-authentication.md index f6c15eb25..8659ae3f9 100644 --- a/2023/en/src/0xa2-broken-authentication.md +++ b/2023/en/src/0xa2-broken-authentication.md @@ -84,7 +84,7 @@ Authorization: Bearer Because the API does not require the user to confirm their identity by providing their current password, bad actors are able to put themselves in a -position to steal the auth token.They also might be able to take over the +position to steal the auth token. They also might be able to take over the victim's account by starting the reset password workflow after updating the email address of the victim's account.