Brave Software: Brave: Admin Panel Access

2016-10-12T11:27:09
ID H1:175366
Type hackerone
Reporter ranjith16
Modified 2017-08-10T05:11:23

Description

Steps to reproduce

While browsing through https://blog.brave.com/admin, it is getting redirected to an admin login panel, https://brave.ghost.io/ghost/signin/.

Consequence

An attacker can easily enumerate this admin panel with a URL such as https://blog.brave.com/admin, and with a brute force attack this can be bypassed, but I didn't do that. If a known ghost.io vulnerability exists, there can be chances of even taking over the subdomain.

Remediation

It's recommended to give custom directory names instead of easily guessable names such as "admin" for such sensitive directories.
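The report's two concerns are a guessable alias for the admin panel and brute-force attempts against the sign-in page it redirects to. The following is an added example (not part of the report and not Brave's or Ghost's code) of the detection logic a defender would run over web server access logs for both: it counts requests to the guessable alias per client, and flags clients that accumulate several failed sign-in POSTs inside a sliding window. It assumes Combined Log Format, that credentials are POSTed to the `/ghost/signin/` path named in the report (Ghost's real authentication endpoint may differ), that 401/403/422/429 mark a failed attempt, and that the lines arrive in chronological order. The log lines are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Combined Log Format (assumption: this is what the front-end server writes).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

SIGNIN_PATH = "/ghost/signin/"        # login page named in the report (assumed POST target)
PROBE_PATHS = {"/admin", "/admin/"}   # guessable alias named in the report
FAILED_STATUSES = {401, 403, 422, 429}  # assumption: these mean "attempt rejected"


def parse_line(line):
    """Parse one access-log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m.group("ip"),
        "ts": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "method": m.group("method"),
        "path": m.group("path"),
        "status": int(m.group("status")),
    }


def admin_path_probes(lines):
    """Count requests per client IP to the guessable admin alias."""
    probes = defaultdict(int)
    for line in lines:
        ev = parse_line(line)
        if ev and ev["path"] in PROBE_PATHS:
            probes[ev["ip"]] += 1
    return dict(probes)


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {ip: peak_failures} for clients with >= threshold failed
    sign-in POSTs inside any window of window_seconds (lines in time order)."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    alerts = {}
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        if (ev["method"] != "POST" or ev["path"] != SIGNIN_PATH
                or ev["status"] not in FAILED_STATUSES):
            continue
        q = recent[ev["ip"]]
        q.append(ev["ts"])
        # Drop failures that fell out of the sliding window.
        while q and (ev["ts"] - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold:
            alerts[ev["ip"]] = max(alerts.get(ev["ip"], 0), len(q))
    return alerts


# Constructed sample log: one client probes /admin, then fails sign-in six
# times in five seconds; a second client fails once and then succeeds.
def _line(ip, ts, method, path, status):
    return f'{ip} - - [{ts} +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "curl/7.50"'

SAMPLE_LOG = [
    _line("203.0.113.7", "12/Oct/2016:11:27:09", "GET", "/admin", 302),
    _line("203.0.113.7", "12/Oct/2016:11:27:15", "POST", SIGNIN_PATH, 401),
    _line("203.0.113.7", "12/Oct/2016:11:27:16", "POST", SIGNIN_PATH, 401),
    _line("203.0.113.7", "12/Oct/2016:11:27:17", "POST", SIGNIN_PATH, 401),
    _line("203.0.113.7", "12/Oct/2016:11:27:18", "POST", SIGNIN_PATH, 401),
    _line("203.0.113.7", "12/Oct/2016:11:27:19", "POST", SIGNIN_PATH, 401),
    _line("203.0.113.7", "12/Oct/2016:11:27:20", "POST", SIGNIN_PATH, 401),
    _line("198.51.100.4", "12/Oct/2016:11:27:30", "POST", SIGNIN_PATH, 401),
    _line("198.51.100.4", "12/Oct/2016:11:27:45", "POST", SIGNIN_PATH, 200),
    _line("203.0.113.7", "12/Oct/2016:11:29:00", "POST", SIGNIN_PATH, 401),
]

if __name__ == "__main__":
    print("admin alias probes:", admin_path_probes(SAMPLE_LOG))
    print("brute-force alerts:", detect_bruteforce(SAMPLE_LOG))
```

The failure at 11:29:00 is not counted against the earlier burst because it falls outside the 60-second window, so the peak for 203.0.113.7 stays at six; the second client never reaches the threshold. Thresholds and the failure status set should be tuned to the real login endpoint's behaviour before this is used for alerting.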

Please find the attached screenshots.