FirstBlood-#275 — Register as non admin doctor
This issue was discovered on FirstBlood v1
On 2021-05-15, twsec Level 2 reported:
I really cracked my head over this. At first I thought there must be some bypass or hidden API endpoint, but all it was was some OSINT.
We google firstbloodhackers and we get
![](https://res.cloudinary.com/bugbountynotes/image/upload/v1621105327/xdt9vwpy1xozzfwtmrbz.png)
a Reddit link; we open it and
![](https://res.cloudinary.com/bugbountynotes/image/upload/v1621105362/zgstkphiaduf7w8v7at9.png)
we find the invite code.
Then we use the invite code and register a new doctor:
![](https://res.cloudinary.com/bugbountynotes/image/upload/v1621105404/sw66nvmhiwehjw6dcpva.png)
P2 High
Endpoint: /register
Parameter: unique invite code
Payload: F16CA47250E445888824A9E63AE445CE
FirstBlood ID: 15
Vulnerability Type: Auth issues
A doctor's invite code is leaked on the internet; anyone who uses it is granted access to the doctor portal. The invite code should expire after use.
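The mitigation the report calls for (an invite code that stops working once it has been redeemed, and that also dies after a deadline), as an added example that is not part of the original report or of the FirstBlood application. The `InviteStore` class, its in-memory storage and the hashing of stored codes are assumptions made for the example.

```python
"""Single-use, expiring invite codes for a /register-style flow (added example)."""
import hashlib
import secrets
import time
from typing import Callable, Dict, Optional


class InviteStore:
    """Issues invite codes and lets each one be redeemed exactly once, before it expires.

    Only a SHA-256 digest of each code is stored, so a leaked table does not yield
    usable codes; a code that leaks publicly is dead as soon as it is used or times out.
    """

    def __init__(self, ttl_seconds: int = 7 * 24 * 3600,
                 now: Callable[[], float] = time.time) -> None:
        self._ttl = ttl_seconds
        self._now = now  # injectable clock so expiry can be tested deterministically
        # digest -> {"expires": deadline (epoch seconds), "used_by": username or None}
        self._codes: Dict[str, Dict[str, Optional[object]]] = {}

    @staticmethod
    def _digest(code: str) -> str:
        # Normalise case and whitespace so "f16c..." and "F16C..." are the same code.
        return hashlib.sha256(code.strip().upper().encode()).hexdigest()

    def issue(self) -> str:
        """Create a fresh random 32-hex-char code (same shape as the report's) and record its hash."""
        code = secrets.token_hex(16).upper()
        self._codes[self._digest(code)] = {"expires": self._now() + self._ttl, "used_by": None}
        return code

    def redeem(self, code: str, username: str) -> bool:
        """Consume a code for one registration; reject unknown, expired or already-used codes."""
        key = self._digest(code)
        entry = self._codes.get(key)
        if entry is None:
            return False                      # never issued (or already purged)
        if self._now() > entry["expires"]:
            del self._codes[key]              # expired: purge so it can never be replayed
            return False
        if entry["used_by"] is not None:
            return False                      # second use of a leaked code is refused
        entry["used_by"] = username           # bind the code to the account that consumed it
        return True


if __name__ == "__main__":
    store = InviteStore()
    code = store.issue()
    print("first registration:", store.redeem(code, "dr_alice"))   # True
    print("reuse of same code:", store.redeem(code, "attacker"))   # False
```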