Information Disclosure at : https://curl.se/.mailmap
High
C
curl
Submitted None
Actions:
Reported by
haithamzakaria
Vulnerability Details
Technical details and impact analysis
## Summary:
=================
During a security assessment, it was discovered that email addresses were exposed in a publicly accessible location. The data was retrieved using standard tools, such as curl, without requiring authentication or special permissions. This raises a concern regarding the confidentiality of sensitive user information.
## Steps To Reproduce:
==================
The following email addresses were disclosed:
at : https://curl.se/.mailmap
1. Andy Alt: [email protected]
2. Ali Khodkar: [email protected]
## Supporting Material/References:
=============
go to : https://curl.se/.mailmap
now add you payload
## Impact
Exposing email addresses can lead to phishing attacks, spam, or social engineering attacks targeting the affected individuals.
If these emails are linked to privileged accounts (e.g., administrative roles or GitHub contributors), this exposure increases the risk of further exploitation, such as impersonation or unauthorized account access.
Report Details
Additional information and metadata
State
Closed
Substate
Not-Applicable
Submitted
Weakness
Information Disclosure