- Status: Closed
- Assigned To: cbay - Private
- Opened by khukuririmal - 13.04.2025
- Last edited by cbay - 14.04.2025
FS#152 - Leaked Credentials via Breach Forums
I am a security researcher and, as part of the bug bounty program, I want to responsibly disclose a credential leak that I have identified for some of your customers. The leaked credentials are part of stealer-log data which has been stolen from your customers' browsers and has been made public.
I have identified leaked credentials on the dark web and Telegram. These credentials, when used in browsers like Chrome, also give you a warning that they are part of a breach. Attaching a screenshot of the same for your reference.
Please use the below-mentioned credentials to replicate the issue:
URL: https://admin.alwaysdata.com/login/
- Username: Swaa…@gmail.com Password: HIDDEN
- Username: abin.m…@gmail.com Password: HIDDEN
- Username: form.d…@gmail.com Password: HIDDEN
Remediation:
1. Notify the mentioned users about the breach and ask them to change their password.
2. Block the users in the backend and force them to change their password on their next login attempt.
Hello,
Some customers do leak their credentials sometimes, that's not a vulnerability on our side though.
Kind regards,
Cyril
I am fine if you think it's not a vulnerability on your side. But can these credentials be blocked at least, or rotated? Otherwise anyone will use them and log in on their behalf. Also, I expected the security team to blur the passwords and emails when they respond in the tasklist. It contains credentials, and anyone can see this post and log in to their profiles.
I've redacted them.