- Status Closed
-
Assigned To
cbay - Private
Attached to Project: Security vulnerabilities
Opened by waloodi_109 - 20.05.2025
Last edited by cbay - 21.05.2025
Opened by waloodi_109 - 20.05.2025
Last edited by cbay - 21.05.2025
FS#173 - Insecure Cache-Control Leading to View Email and Message's
# Insecure Cache-Control Leading to View Email and Message's in https://www.alwaysdata.com/en/abuse/
Hello Team, I hope you are doing well. While, Researching in your domain I found Insecure Cache-Control Leading to View Email and Message's in https://www.alwaysdata.com/en/abuse/
# Steps to Reproduce:
1. Go to https://www.alwaysdata.com/en/abuse/.
2. Fill the form and submit it.
3. Visit every page in url or press back button in browser you can see that email or any sensitive message's are already feeded.
# Impact:
In a PC scenario in an office or in a library or in a coffee shop to view sensitive message's and email also.
# Note:
Tested in Chrome latest version, Mobile Device, FireFox and IE.
Thank You,
Waleed Anwar
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task
Hello,
That's not a vulnerability.
Kind regards,
Cyril