Information Disclosure on inside.gratipay.com

Disclosed: 2017-09-09 17:23:17 By malek To gratipay
None
Vulnerability Details
Hello @gratipay, By checking request headers I've been able to identify that inside.gratipay.com is running on Server: WSGIServer/0.1 Python/2.7.11. Request: https://inside.gratipay.com/assets/inside-gratipay.svg GET /assets/inside-gratipay.svg HTTP/1.1 Host: inside.gratipay.com User-Agent: Mozilla/5.0 (X11; Linux i686; rv:45.0) Gecko/20100101 Firefox/45.0 Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: https://inside.gratipay.com/ Connection: keep-alive Cache-Control: max-age=0 Response: HTTP/1.1 200 OK Connection: close Date: Sat, 09 Sep 2017 16:21:50 GMT Server: WSGIServer/0.1 Python/2.7.11 Content-Type: image/svg+xml via: 1.1 vegur
Actions
View on HackerOne
Report Stats
  • Report ID: 267213
  • State: Closed
  • Substate: informative
  • Upvotes: 1
Share this report