Security bug

Sagar Gaikwad sagargaikwad4385 at gmail.com
Tue Apr 3 07:15:19 EDT 2018


Bug: Broken access control / Sensitive Information Disclosure


Url:

https://pidgin.im/cgi-bin/mailman/admin
https://pidgin.im/cgi-bin/mailman/admin/
https://pidgin.im/cgi-bin/mailman/admin/announce
https://pidgin.im/cgi-bin/mailman/admin/cabal
https://pidgin.im/cgi-bin/mailman/admin/commits
https://pidgin.im/cgi-bin/mailman/admin/devel
https://pidgin.im/cgi-bin/mailman/admin/devel
https://pidgin.im/cgi-bin/mailman/admin/devel/privacy
https://pidgin.im/cgi-bin/mailman/admin/devel/privacy/sender
https://pidgin.im/cgi-bin/mailman/admin/devel/privacy/spam
https://pidgin.im/cgi-bin/mailman/admin/support
https://pidgin.im/cgi-bin/mailman/admin/support
https://pidgin.im/cgi-bin/mailman/admin/support/privacy
https://pidgin.im/cgi-bin/mailman/admin/support/privacy/spam
https://pidgin.im/cgi-bin/mailman/admin/tracker
https://pidgin.im/cgi-bin/mailman/admin/translators
https://pidgin.im/cgi-bin/mailman/admin/wikiedit



‚Äč
Description:

admin pages easily access by people..its showing sensitive information..
please fix this issue asap

thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20180403/72b560d1/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2.PNG
Type: image/png
Size: 65921 bytes
Desc: not available
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20180403/72b560d1/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 1.PNG
Type: image/png
Size: 77771 bytes
Desc: not available
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20180403/72b560d1/attachment-0003.png>


More information about the security mailing list