Pretty interesting! Sometimes it's really strange to see some obvious implementation errors that expose in the Ajax request responses some user data. I really understand your feeling when the company doesn't take it seriously. That's annoying...
Which CMS was it? Is it open source?
Good hacking!
Yeah, it was a real "wtf" moment when the API spilled out all that sensitive information.
It doesn't feel right to drop any details on the CMS here. Let's just hope they learned their lesson :).
Yeah actually you’re right about not dropping details.