Admin Access to a domain used for development and admin access to internal dashboards on that domain
Z
Zomato
Submitted None
Team Summary
Official summary from Zomato
@prateek_0490 Was able to find our development server without any authentication. Which leads to leak the user data and some internal dashboards.
Actions:
Reported by
prateek_0490
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic