Unjected involves flirting between users who share the same views on vaccination against coronavirus. The data ended up on the network, because any of the users could not only find out all the information about other members of the community, but also make changes – the “debug mode” for developers was activated in the admin panel of the application. and should not be available to ordinary users.
As mentioned, therefore, any user can learn the name, date of birth, e-mail address and home address, if specified, of other participants. You can also add or remove pages, offer free subscriptions to paid services, and even delete the entire backup database. This issue was reported by a security researcher named GeopJr.
Source: Ferra
