|
|
|
|
|
|
by nl
5369 days ago
|
|
|
If anyone happens to lose money through this vulnerability I think that provides enough evidence to make AMEX knowingly culpable. Without that, this is just run-of-the-mill incompetence. But the Disallow: /us/admin/ indicates that they knew that URL was wide open, and failed to act. |
|
|