1st ATO: How I Exploited a Security Issue to Take Over an Admin Account

A detailed breakdown of my first Account Takeover (ATO) finding — from initial recon to exploiting a critical security misconfiguration that led to full admin access.