Gratipay: User Enumeration

ID H1:192986
Type hackerone
Reporter aa23
Modified 2016-12-27T13:17:26


Dear Gratipay Team,

there is a Username Disclosure of a user in your web application's Source Code . For futher detail i have enclosed the screenshot of the vulnerability . Please find the attachment !!

Preventive Measure:: hide username fromm sourcr code Encrypt the username