Information Disclosure
github.com/tailscale/tailscale is vulnerable to information disclosure. The vulnerability exists in the ServeHTTP function in peerapi.go due to lack of validations of PeerAPI which allows an attacker to read the node’s environment variables, credentials and other sensitive information via CSRF...