EIP-2026-105553

This exploit demonstrates an account takeover vulnerability in Bludit 4.0.0-rc-2 by leveraging a vulnerable API token key to change the admin account password. The attacker sends a crafted PUT request with a JSON object containing the token and new credentials to hijack the admin account.