U.S. Dept Of Defense: Information disclosure on a DoD website

2016-11-22T08:29:47
ID H1:184076
Type hackerone
Reporter tsug0d
Modified 2017-07-03T18:18:13

Description

A Department of Defense website was mis-configured in a manner that could have exposed personal account information. @tsug0d was as able to demonstrate this vulnerability by crafting a specially formatted URL. Thank you for notifying us!

LDAP Injection