User Enumeration and Information Disclosure
Unknown
Vulnerability Details
Vulnerability Name: User Enumeration and Information Disclosure
Description:
It was possible to enumerate users for SquareSpace admin console in uber-movement.
Please find below details of users enumerated:
1. [email protected]
2. [email protected]
Information Disclosure in https://uber-movement.squarespace.com/?format=json helped me enumerate user for https://uber-movement.squarespace.com/config
Please find attach document for proof of concept.
Actions
View on HackerOneReport Stats
- Report ID: 155578
- State: Closed
- Substate: informative
- Upvotes: 1