BDS-18387Critcal Information Disclosure via Server.txt on google
Hello Team during my testing i discovered your server.txt file is available on google which contain lot's of information like internal path etc.. so any one can read this file he/she can perform lots' of attackΒ
Β
Vulnerable URL: https://piston-data.mojang.com/v1/objects/2c23942beb9a74e6da5c960aeeeee7b39c1632ee/server.txt
Β
Attachments1
Comments2
History3
Resolution: Unresolved β Awaiting Response
Resolution: Awaiting Response β Unresolved
Resolution: Unresolved β Incomplete
Hi
Does this issue still occur after updating to 1.20.15?
This ticket will automatically reopen when you reply.
Cleaning up old tickets: This ticket had been set to 'Awaiting Response', but has not received a response from the reporter (~3 months+) so is being closed as Incomplete. If you feel this is still a valid issue then please comment, or create a new ticket following the Issue Guidelines which includes steps to reproduce the problem.
Quick Links:
π Issue Guidelines β π¬ Mojang Support β π§ Suggestions β π Minecraft Wiki