This Vulnerability is easy to identify and perform.
Steps:
1. Open you account in two different browsers.
2. Enable 2FA ( 2 Factor Authentication) from one of the browser.
3. Go to other browser and check if you can attempt some authenticate actions like changing username or editing profile etc.
4. If you can do, you can successfully claim that vulnerability.
Simple yet, powerful!
PS: I wont be telling exploit, as some people might use in negative way!
