Gratipay: User Enumeration

2016-12-21T08:18:00
ID H1:192986
Type hackerone
Reporter aa23
Modified 2016-12-27T13:17:26

Description

Dear Gratipay Team,

there is a Username Disclosure of a user in your web application's Source Code . For futher detail i have enclosed the screenshot of the vulnerability . Please find the attachment !!

Preventive Measure:: hide username fromm sourcr code Encrypt the username