Unauthorized access to employee panel with default credentials.
High
U.S. General Services Administration
Reported by
7azimo
Vulnerability Details
## Summary:
Hello,
When hunting on your web application, I managed to go to https://cars.fas.gsa.gov/cars/cars and was presented with a form.
I had already tried to log in to Cars without success.
However, I noticed the loginChk() function and changed the value of the form, hence bypassing it and logging in successfully.
## Steps To Reproduce:
1. Go to https://cars.fas.gsa.gov/cars/cars
2. Type the loginChk() function in the console.
3. It will return false.
4. Now type in the console (it can be opened using F12):
   `document.forms[0].scSelCen.value = "admin"`
5. Now try to log in by clicking on the CARS button.
## Supporting Material/References:
Browser used: Google Chrome.
If you need any additional information, feel free to ask me.
PS: I think the website has gone down for maintenance right now, even though I didn't use anything in that panel.
## Impact
Any attacker would have access to the admin panel and could do whatever he wants.
As I can see, it's a platform for reporting accidents.
Report Details
State
Closed
Substate
Resolved
Weakness
Authentication Bypass Using an Alternate Path or Channel