Sensitive data disclosure vulnerability in Apple web server


Apple, a small company you may have heard of, had a flaw in the configuration of its web server that was sniffed out by our security expert, Halis Duraki

Although we live for a world of absolute security – yes, we are aware that would leave us unemployed – sometimes we are almost relieved to see big companies make a security mistake. Because, one thinks, if something like that can happen to the giant from Cupertino, it can happen to anyone...

People at Apple forgot to delete the .git folder on their web server which was dug up by our security expert Halis Duraki. This allowed Halis to download the source code of their application and access confidential data. This vulnerability with the description of Sensitive Data Disclosure received a severity level of high.

Of course, we reported all this, Apple corrected it and informed the people on its official support website.