Kubernetes: Sensitive Information disclosure Through Config File

2020-01-15T01:04:48
ID H1:775123
Type hackerone
Reporter a1c3venom
Modified 2020-07-24T00:22:39

Description

Report Submission Form

Summary:

hello Team

while Exploring Your Site.I found Config File Is leaked In Your Site Where Contains Sensitive Information,Credentials ETc

Vulnerable URL:- https://prow.k8s.io/config

Impact

Attacker Is Able To Gain sensitive Information About target and Also might Get Credentials