The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords (OTP) and sign in as other users.
This is a companion discussion topic for the original entry at https://www.cyberwoot.com/any-indian-digilocker-account-couldve-been-accessed-without-password/