image dsbw
Request Assessment

BROKEN ACCESS CONTROL lead to leak all users sensitive data in Company database, including emails



Published il y a 6 jours

image de BROKEN ACCESS CONTROL lead to leak all users sensitive data in Company database, including emails

Hi, This is DevSecure Team ,we specialize in uncovering hidden vulnerabilities that pose real-world risks to modern web applications.
All vulnerabilities shared in these write-ups are fully redacted — any company names, domains, or sensitive details are replaced with placeholders such as company.com. Each finding was responsibly disclosed through the Intigriti platform and has been verified and resolved by the affected vendor.

Every post represents our commitment to ethical hacking, responsible disclosure, and continuous learning, helping organizations strengthen their defenses while contributing to a safer global cybersecurity ecosystem.

Description:

BROKEN ACCESS CONTROL lead to leak all users sensitive data in company database, including emails in company database

Affected Parameter / Endpoint: https://app.company.com/api/s/youraccountid/user/?id=youraccountid&userId=anyuserid

Proof of Concept:

Step-by-step to reproduce:
  • Step 1: register and login to your account
  • Step 2: go to this endpoint https://app.company.com/api/s/youraccountid/user/?id=youraccountid&userId=anyuserid and you will get 27000 user emails and names and ids
  • this is just some POC lignes data {"id":"450xxxxxxxxxxxxx","username":"drxxxxxxxxxxxxxxx3@gmail.com","first":"Nxxxx","last":"kxxx"}

PII information disclouser all sensitive user data in databaseincluding emails and names

High — PII Leak.

  • Timeline :
  • Platform : Intigriti
  • Reported: 18/08/2023
  • Triaged: 21/08/2023
  • Accepted & paid: 22/08/2023
  • Bounty: $1,875

https://app.intigriti.com/profile/merroun

More Articles You May Like

Blog Image
SQL INJECTION, leaking of personal data + server misconfiguration lead to unauthorized access

Description: in one of the earlier target that i hunted in before, after the recon step, i found an interesting service...

Read More →
Blog Image
IDOR Get any Customer all invoices

Description: Broken access control IDOR lead to get all invoices for any customer Affected Parameter / Endpoint: https...

Read More →
Blog Image
get personal information of workers

Description: i found a vulnerability thats make me able to extract all employees documents thats has sensitive informat...

Read More →