Let's log in with our credentials.
After a successful login we are redirected to the above (My Account) page.
Let's log out of this account and see what is behind the forgot-password function.
Let's try resetting our password.
OK, we get a mail with the reset link.
Let's check what is happening behind the scenes.
Turn on Burp Suite to intercept the traffic.
While intercept is turned on, enter a new password and hit submit.
The username field looks interesting.
Let's change it to carlos
and watch the response.
After changing the username, send the request.
We can see a 302 status code, which is great news.
Let's click on Follow redirection
and watch the result.
The 302 status code is a redirection message that occurs when a resource or page you're attempting to load has been temporarily moved to a different location.
Well, no error so far.
Let's try to log in with carlos
and our new password
And it worked.
Success.
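The reset worked for carlos because the server let the request's username field decide whose password changes. The following is an added example, not code from this write-up or from the lab: a sketch of that behaviour beside a handler that takes the account from a single-use token issued server-side. It assumes the emailed reset link carries such a token; `ResetService`, its methods, the field names `token` and `new_password`, and the user `alice` are hypothetical.

```python
import hashlib
import os
import secrets
import time

TOKEN_TTL = 15 * 60  # seconds a reset link stays valid (constructed value)


class ResetService:
    """Hypothetical in-memory store standing in for the application's database."""

    def __init__(self):
        self.passwords = {}  # username -> (salt, PBKDF2 hash)
        self.tokens = {}     # sha256(token) -> (username, expiry time)

    def _set_password(self, username, password):
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
        self.passwords[username] = (salt, digest)

    def issue_token(self, username, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        key = hashlib.sha256(token.encode()).hexdigest()
        self.tokens[key] = (username, now + TOKEN_TTL)
        return token  # this value goes into the emailed reset link

    def reset_vulnerable(self, form):
        # Behaviour seen in the walkthrough: the account comes from the
        # request body, so an edited "username" changes another user's password.
        self._set_password(form["username"], form["new_password"])
        return form["username"]

    def reset_hardened(self, form, now=None):
        now = time.time() if now is None else now
        key = hashlib.sha256(form.get("token", "").encode()).hexdigest()
        record = self.tokens.pop(key, None)  # pop makes the token single-use
        if record is None:
            return None                      # missing, unknown or already used
        owner, expiry = record
        if now > expiry:
            return None                      # expired link
        # Any client-supplied "username" is ignored; the token decides the account.
        self._set_password(owner, form["new_password"])
        return owner
```

With the hardened handler, a request that carries alice's token but `username=carlos` still changes only alice's password, and replaying the same token is rejected.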