FirstBlood-#1061 — PII data leak
This issue was discovered on FirstBlood v3
On 2022-12-08, twsec Level 2 reported:
i have discovered an PII info leak while navigating to /api/doctors.php
FirstBlood ID: 66
Vulnerability Type: Information leak/disclosure
It is possible to leak doctors private information such as email and phone number via the /api/doctors.php endpoint. No authentication is needed.