Summary by snillx
During a review of a subdomain in appdat.jsc.nasa.gov, three critical vulnerabilities were identified:
Authentication Bypass: The Keycloak “ordem-production” realm accepts default credentials, granting full access without authorization.
Sensitive Information Exposure: Authenticated users can view internal staff PII (full names, mail codes, phone numbers and email addresses) on the About page, enabling spear-phishing and privacy violations.
Reflected XSS: The jobno parameter is not sanitized, allowing arbitrary JavaScript execution (e.g. cookie theft) after login.
Collectively, these issues enable unauthorized access, PII disclosure and session hijacking.