Mavenlink: Information disclosure when trying to delete an expense's attachment on m.mavenlink.com

There was an information disclosure vulnerability in a particular error message on the mobile site. Using this vulnerability, it was possible to gain access to the filename of certain un-owned attachments...