OpenSearch unauthorized data access on fields protected by field masking for fields of type ip, geo_point, geo_shape, xy_point, xy_shape

Impact OpenSearch versions 2.19.2 and earlier improperly apply field masking rules on fields of the types ip, geopoint, geoshape, xypoint, xyshape. While the content of these fields is properly redacted in the source document returned by search operations, the original unredacted values remain...

Mail.ru: Public available Sensitive Information about drivers

Domain, site, application -- API for client app Citimobil https://c-api.city-mobil.ru/ Version 4.33.0 and others Testing environment -- Device on any OS with internet connection Any software to send https requests Steps to reproduce -- Send POST request to url...