Sensitive Information Disclosure Through Config File
High
MTN Group
Reported by
dh0pe
Vulnerability Details
Technical details and impact analysis
## Summary:
An attacker could gain access to sensitive information about usernames, encrypted passwords, internal IP addresses and configuration data of internal services.
## Steps To Reproduce:
- Go to https://zik.mtncameroon.net/common/queryconfig.action
## Remediation
Configure the application to not reveal sensitive information to the client.
## References
https://cwe.mitre.org/data/definitions/200.html
## Impact
A malicious user is able to gain sensitive information: usernames, encrypted passwords, internal IP addresses and configuration data of internal services.
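A regression check for the remediation above, added here as an example and not part of the original report: it scans the body an unauthenticated client receives for the data classes the report names (credential fields and internal IP addresses). The JSON response shape, the key-name list and the sample bodies are assumptions constructed for illustration.

```python
import ipaddress
import json
import re

# Key names that suggest credentials or connection details (assumed list; extend per application).
SENSITIVE_KEY = re.compile(r"(pass(word|wd)?|secret|token|user(name)?|login|jdbc|dsn)", re.I)
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def _walk(node, path=""):
    """Yield (path, value) for every leaf of a parsed JSON document."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _walk(value, f"{path}.{key}" if path else str(key))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from _walk(value, f"{path}[{i}]")
    else:
        yield path, node


def find_leaks(body: str):
    """Return sorted (kind, location) findings for one response body."""
    findings = set()
    try:
        leaves = list(_walk(json.loads(body)))
    except ValueError:
        leaves = [("<body>", body)]  # not JSON: scan the raw text for addresses only
    for path, value in leaves:
        # A populated field whose key path looks credential-related.
        if path != "<body>" and SENSITIVE_KEY.search(path) and value not in ("", None):
            findings.add(("credential-field", path))
        # Any private/loopback/link-local IPv4 address inside the value.
        for candidate in IPV4.findall(str(value)):
            try:
                if ipaddress.ip_address(candidate).is_private:
                    findings.add(("internal-ip", candidate))
            except ValueError:
                pass  # e.g. 999.1.1.1 matches the regex but is not an address
    return sorted(findings)


# Constructed sample bodies (not taken from the reported endpoint).
SAMPLE_LEAKY = json.dumps({
    "db": {"username": "svc_app", "password": "ENC(constructed)", "host": "10.20.30.40"},
    "cache": {"nodes": ["192.168.1.15:6379"]},
    "version": "2.4.1",
})
SAMPLE_CLEAN = json.dumps({"status": "forbidden"})
```

Run against the body returned to an unauthenticated request in a test environment; an empty result is the pass condition.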
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cleartext Storage of Sensitive Information