Publicly Editable U.S. Air Force Google Spreadsheet Exposing Student Leave Data

**Description:** Improper Access Control Vulnerability allows any unauthorized user to access restricted contents . The document contains sensitive information regarding students' leave date applications, which could be at risk of unauthorized changes . 1. Visit the document : https://www.███.mil/███████ 2. Search for term "spreadsheets" 3. Visit the link : https://docs.google.com/spreadsheets/█████████ ## Impact Any Attacker can access the data make changes , delete all the data without even signing into google account as there is no authentication in place for the same. ## System Host(s) ██████████.mil ## Affected Product(s) and Version(s) ## CVE Numbers ## Steps to Reproduce 1. Visit the document : https://www.█████████.mil/███ 2. Search for term "spreadsheets" 3. Visit the link : https://docs.google.com/spreadsheets/██████ ## Suggested Mitigation/Remediation Actions