Uzbey: CMS Information Disclosure

2014-06-23T08:13:29
ID H1:17297
Type hackerone
Reporter gangw4n
Modified 2014-08-07T18:45:45

Description

Hi,

I noticed that the CHANGELOG.txt disclose Drupal vesion. It might help an attacker to perform information gathering and help an attacker to find the vulnerabilties from the version.

PoC: https://staging.uzbey.com/CHANGELOG.txt