I’ve found both portals and am able to login to both. The password-only portal, I cannot seem to get a vuln to trigger. The user/pass portal, I cannot seem to find anything other than one URL param to manipulate. However, I can’t seem to figure out what else to try.