Vulnerability Name: User Enumeration and Information Disclosure Description: It was possible to enumerate users for SquareSpace admin console in uber-movement. Please find below details of users enumerated: 1. [email protected] 2. [email protected] Information Disclosure in https://uber-movement.squarespace.com/?format=json helped me enumerate user for https://uber-movement.squarespace.com/config Please find attach document for proof of concept.

Report Details

Additional information and metadata

State

Closed

Substate

Informative

Submitted

Weakness

Information Disclosure