Nice. 1. Find exploit on e-services site 2. ??? 3. Never have to pay rates ever again! I am so sorted. On Tue, Apr 22, 2014 at 4:42 PM, sameegh jardine <sameegh@xxxxxxxxx> wrote: > Yo Salie, > > Check this image out. You can delete the history for the service account > which is probably what gets used by every single user who uses the site :P > > Your cached details are gone, lol > > > On Tue, Apr 22, 2014 at 4:16 PM, Ryan Williams <ryan820509@xxxxxxxxx>wrote: > >> Ouch. >> >> >> On Tue, Apr 22, 2014 at 4:09 PM, Ilitirit Sama <ilitirit@xxxxxxxxx>wrote: >> >>> The Cape Town Municipality E-Services portal has an embarrassing privacy >>> flaw. Certain email fields have a property enabled that retrieves a short >>> list of known email addresses from the server once you start typing. This >>> leaks the email addresses of other users. >>> >>> http://i.imgur.com/xyBi6Ws.png >>> >>> I've sent their webmaster an email about this. >>> >> >> >