Why to use captcha when SOP exists? [closed]


I just read about SOP (same origin policy), and I tried to learn this more and learn how it works. I tried to reset my password (In a chat forum) using HTTP Requests in Python, and most of them have captcha, why do websites need captcha when SOP exists?

The SOP doesn’t allow other places to perform those tasks, right? And how can attackers bypass the SOP and try to reset other people’s passwords?