The recently disclosed Hacker One vulnerability was just used to reset my password forcibly without my consent. Thankfully I was in front of my computer and was able to reset it again right away. Additionally it doesn’t seem like the person who reset my password logged in quickly enough to compromise my account fully.
I haven’t used this account in 8+ years, but it’s still a bit weird. Thankfully there was no important information in my account.
Are you all absolutely sure that this vulnerability is completely closed and solved?