writeups.xyz / From Django Debug Mode to PII Data Leak of more than 500+ Employees due Broken Access Control and IDOR

Submitter : c2a

Date: 14 April 2023

Bounty : undisclosed

Vulnerabilities :

• Debug Mode Enabled
• IDOR
• Information Disclosure
• JWT
• Broken Access Control
• Exposed Registration Page

Programs :

• Undisclosed

Authors :

• Aayush Vishnoi (@AayushVishnoi10)

Link :
https://medium.com/@ar_hawk/from-django-debug-mode-to-pii-data-leak-of-more-than-500-employees-due-broken-access-control-and-a3eb602a4207