Unikrn: █████████ on CRM server without authorization

2019-02-28T12:35:08
ID H1:503300
Type hackerone
Reporter v4lid0l
Modified 2019-03-14T05:42:24

Description

The https://crm.unikrn.com/███████ file is available on the server https://crm.unikrn.com without authorization. Anyone can run this script. How to classify this vulnerability - leave the right for you.

Impact

Anyone can run this script.