Security Breached Blog

P1 Like a Boss | Information Disclosure via Github leads to Employee Account Takeover | Bug Bounty POC

Muhammad Khizer Javed November 3, 2018

Hey Guys,


This is a short post about a P1 issue I found on a site. It was a really simple and maybe common issue. I got invited to a program, and the first thing I usually do is check for issues related to the site and its code, so I searched in


In the search results I saw a file named “report.js”, created by someone from the firm, and on checking the file it contained the login info for an account:

      "cells": [
        "[email protected]",
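A committed file like the excerpt above is exactly what a pre-commit secret check should catch before it reaches a public repository. The following is an added example for this post, not the author's tooling: a small Python scanner with two heuristics, a secret-named JSON key holding a string value, and a quoted string sitting next to an e-mail address (the "cells" layout shown above). The sample file content, the key list and the function names are all constructed here, and found values are masked so the check never echoes a secret into CI logs.

```python
"""Heuristic secret check for JSON-ish files such as a committed report.js.
Added example for this post; sample content and heuristics are constructed."""
import re
import sys
from typing import Dict, List

# A plain e-mail address, used to spot the "e-mail, then password" layout.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Quoted strings that are values, i.e. not followed by ':' (which would make them keys).
VALUE_RE = re.compile(r'"([^"]*)"(?!\s*:)')
# Key names that almost always hold a secret when they appear with a string value.
SECRET_KEYS = ("password", "passwd", "pwd", "token", "api_key", "apikey", "secret")
SECRET_KEY_RE = re.compile(
    r'"(' + "|".join(SECRET_KEYS) + r')"\s*:\s*"([^"]+)"', re.IGNORECASE
)

# Constructed sample resembling the leaked file described in the post.
SAMPLE_REPORT_JS = """\
// constructed sample, not the real leaked file
{
  "cells": [
    "jane.doe@example.com",
    "S3cr3t-constructed"
  ],
  "settings": {"api_key": "ak_constructed_0123456789"},
  "note": "no secret here"
}
"""


def mask(value: str) -> str:
    """Keep only the first two characters and the length, so reports are safe to log."""
    return value[:2] + "*" * max(len(value) - 2, 0) + f" ({len(value)} chars)"


def find_secrets(text: str) -> List[Dict[str, object]]:
    """Return findings as dicts with the 1-based line, a kind label and a masked value."""
    findings = []
    lines = text.splitlines()
    for i, line in enumerate(lines, 1):
        # Heuristic 1: "password": "...", "api_key": "..." and similar.
        m = SECRET_KEY_RE.search(line)
        if m:
            findings.append(
                {"line": i, "kind": f"{m.group(1).lower()} field", "value": mask(m.group(2))}
            )
        # Heuristic 2: an e-mail address with a non-e-mail string on the same
        # or the following line (the "cells": [email, password] layout).
        if EMAIL_RE.search(line):
            for j in (i, i + 1):
                if j > len(lines):
                    break
                for q in VALUE_RE.findall(lines[j - 1]):
                    if q and not EMAIL_RE.fullmatch(q):
                        findings.append(
                            {"line": j, "kind": "credential next to e-mail", "value": mask(q)}
                        )
    return findings


def scan_files(paths: List[str]) -> int:
    """Scan each file; print masked findings and return the total count."""
    total = 0
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            for f in find_secrets(fh.read()):
                print(f"{path}:{f['line']}: {f['kind']}: {f['value']}")
                total += 1
    return total


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usable as a pre-commit hook: non-zero exit blocks the commit.
        sys.exit(1 if scan_files(sys.argv[1:]) else 0)
    for finding in find_secrets(SAMPLE_REPORT_JS):
        print(finding)
```

Run with file paths as arguments to use it as a pre-commit hook, or with no arguments to see the two findings in the constructed sample: the string following the e-mail address in the "cells" array and the "api_key" value. Both heuristics produce false positives on ordinary data, which is the intended trade-off for a check that blocks a commit rather than silently letting a credential through.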

The next thing for me was to try to log in to the target site using the information I got from Github. I tried logging in and, surprisingly, I was logged in.

To see more of its impact: the site has this in the FOCUS AREAS of its policy:

“ login via SSO”

So I went to and clicked login, and because I was already logged in to the root account I was also logged in to the help center. I was able to see all of the support tickets others had made to the help center, and as I was in an employee's account I could see all tickets made to the organisation. Some of the tickets contained tokens, API keys, passwords, and PII of their customers.


Thanks For Reading 🙂