Summary by shrutiypatil
I discovered a sensitive data exposure in nasa subdomain where a direct URL like [redacted]/downloadFile/1270 allowed anyone to grab a confidential PDF file, no login required. This P3 vulnerability issue spilled internal docs, risking breaches of policies or PII.