Forbidden access to https://apps-staging.pingone.com but "/packages.json" visible and full path disclosure
Low
Ping Identity
Submitted None
Team Summary
Official summary from Ping Identity
## Summary:
If you visit the application https://apps-staging.pingone.com/, the application is protected from unauthorized users (displays Forbidden). In spite of having this protection, an attacker would be able to see the package information of the application.

## Steps To Reproduce:
Go to https://apps-staging.pingone.com/package.json

## Impact
This application is only for authorized users. But an attacker can see the package.json of the application, which can be used for further exploitation.
Reported by
mjigar821
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$100.00
Submitted
Weakness
Improper Access Control - Generic
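
A post-deployment regression check for the condition this report describes, where the root is denied but a manifest file is still answered to an anonymous request. This is an added example, not part of the original report or Ping Identity's code; the local `LeakyHandler` server, its JSON body and the function names are constructed for illustration, and the check is meant to be pointed at a host you operate.

```python
import http.server
import threading
import urllib.error
import urllib.request

# Ignore proxy environment variables so the loopback demo stays local.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))


class LeakyHandler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in: every route is denied except the manifest file."""

    def do_GET(self):
        if self.path == "/package.json":
            body = b'{"name": "constructed-sample", "dependencies": {}}'
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        else:
            self.send_error(403)

    def log_message(self, *args):  # keep the check's output quiet
        pass


def unauthenticated_status(base_url, path):
    """Return the HTTP status an anonymous GET receives for path."""
    try:
        with OPENER.open(base_url + path, timeout=5) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def find_unprotected(base_url, paths, denied=(401, 403, 404)):
    """List paths that answer an anonymous request instead of denying it."""
    return [p for p in paths if unauthenticated_status(base_url, p) not in denied]


def run_demo():
    """Run the check against the constructed local server."""
    server = http.server.HTTPServer(("127.0.0.1", 0), LeakyHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        base = f"http://127.0.0.1:{server.server_address[1]}"
        return find_unprotected(base, ["/", "/package.json"])
    finally:
        server.shutdown()
        server.server_close()
```

Run in a deployment pipeline, a non-empty result from `find_unprotected` means a file is being served outside the access control that covers the rest of the application.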