π U.S. Dept Of Defense: critical information disclosure
π‘ Newskategorie: SicherheitslΓΌcken
π Quelle: vulners.com
Description: hey all , I have found critical information through this endpoint /ββββββ; this endpoint contains all env vars used in a www.ββββββ such as server credentials, db ,mail , twitter client_id and client_secret , facebook client_id and client_secret, etc... Impact full access control on every services on website System Host(s) www.βββββββββ Affected Product(s) and Version(s) CVE Numbers Steps to Reproduce Go to https://www.βββββββββ/ββββββββ; you need to put ; to bypass 401 error Suggested Mitigation/Remediation... ...