It also provides 1GB storage space to each account to upload scanned copies of legacy documents.
The service has over38 millionregistered users.
The issue was first discovered by Mohesh Mohan, a senior security specialist for Dubai smart Government.
This prompts the service to send an OTP and subsequently exploit the flaw to bypass the sign-in process.
It was observed that the API calls from mobile were using basic authentication to fetch data or do transactions.
source: www.techworm.net
