U.S. Dept Of Defense: Information disclosure vulnerability on a DoD website

2017-03-04T00:26:07
ID H1:210525
Type hackerone
Reporter twicedi
Modified 2017-07-05T20:36:21

Description

A Department of Defense website was mis-configured in a manner that could have exposed sensitive information about the web application or system. @twicedi was able to demonstrate this vulnerability by crafting specially formatted URLs. Thank you for notifying us!