U.S. Dept Of Defense: Air Force candidate PII + recruitment chat logs accessible via BAC/IDOR on █████████ (very large/significant exposure)

A vulnerability was discovered in a Department of Defense-owned Salesforce asset that allowed unauthorized access to sensitive personal information of Air Force candidates. The vulnerability stemmed from a misconfiguration in the Document object, which permitted an attacker to retrieve a large...