The UI Performs the Wrong Action in babybuddy/babybuddy
Sep 15th 2021
Violation of secure design principles
Proof of Concept
step 1: login to account and logout step 2: click back button in browser step 3:check rightt corner of there we can see user profile option step 4: click on that application settings is getting listed PoC image attached as link https://ibb.co/GMVH79B
This vulnerability is capable of leaking sensitive information in certain scenarios.