Sensitive Information Leaking Through DoD Owned Website https://www.█████.mil

Disclosed: 2021-02-01 17:51:24 By stevv To deptofdefense
Medium
Vulnerability Details
**Summary:** While checking for some vulnerabilities on a DoD website, I came across this sensitive document, which contains sensitive details such as personal mail IDs, names, phone numbers, client IP, and address.

**Description:** The above website is leaking information such as personal mail IDs, names, phone numbers, client IP, and address in a clear, readable PDF document. This is a high severity issue and requires immediate fixation. It is also a clear privacy violation and insufficient protection mechanism involved in data storage. I look forward to a satisfactory reply from your side. These details are a complete collection of all the user's comments, which are accumulated into a single PDF.

## Impact

High

## Step-by-step Reproduction Instructions

Visit this link: https://www.█████████.mil/████

## Suggested Mitigation/Remediation Actions

Remove documents from the internet or put applicable authorization mechanism(s) in order to access sensitive documents.

## Impact

Any person can access this document and cause information leakage, target a specific person for a crime.
Report Stats
  • Report ID: 1063371
  • State: Closed
  • Substate: resolved
  • Upvotes: 11