Unauthenticated users can access sensitive web URLs...
Moderate severity
Unreviewed
Published
Apr 3, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Apr 1, 2022
Published to the GitHub Advisory Database
Apr 3, 2022
Last updated
Jan 27, 2023
Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.
References