Critical information disclosure at https://www.doi.gov/

Disclosed by

tejaspawar172000

Engagement Department of Interior: Vulnerability Disclosure Program
Disclosed date 4 Jan 2022 over 3 years ago
Priority P5 Bugcrowd's VRT priority rating
Status Informational This vulnerability is seen as an accepted business risk

Summary by tejaspawar172000

Can i disclose my?

Report details

Submitted

25 Dec 2021 20:30:10 UTC
Target Location

*.doi.gov
Target category

Web App
VRT

Sensitive Data Exposure > Disclosure of Known Public Information
Priority

P5
Bug URL

https://pdsimage2.wr.usgs.gov/data/
Description
Summary :
hello Team ,
while Exploring Your Site https://www.doi.gov/ .I found that Search Parameter is vulnerable And it is diclosing the path that gives access to critical information.

Vulnerable URL:-
https://search.usa.gov/search?affiliate=doi.gov&query=%5c%22%3balert(%27XSS%27)%3b%2f%2f&commit=Search

https://pdsimage2.wr.usgs.gov/data/

Impact :-

The impact here can be great because Attacker Is Able To Gain sensitive Information About target

Step-by-step Reproduction Instructions :-
1 . Go to https://www.doi.gov/
2 . perform search operation using payload \";alert('XSS');//
3 . It discloses the path
https://pdsimage2.wr.usgs.gov/data/mgs-m-moc-na_wa-2-sdp-l0-v1.0/mgsc_1111/
1. Go to below Path https://pdsimage2.wr.usgs.gov/data/mgs-m-moc-na_wa-2-sdp-l0-v1.0/mgsc_1111/ It is disclosing The Sensitive information.
POC:

20211226014134.mp4

Activity

DOI_RPI Customer published the disclosure report
3 years ago(04 Jan 2022 20:33:58 UTC)
tejaspawar172000 requested disclosure
3 years ago(29 Dec 2021 13:13:24 UTC)
chickenJoe changed the state to Informational
3 years ago(27 Dec 2021 18:18:18 UTC)
chickenJoe updated VRT to Sensitive Data Exposure > Disclosure of Known Public Information
3 years ago(27 Dec 2021 18:18:13 UTC)
chickenJoe sent a message
3 years ago(27 Dec 2021 18:17:44 UTC)Edited 3 years ago
tejaspawar172000 created the submission
3 years ago(25 Dec 2021 20:30:11 UTC)