Summary

During a review of a subdomain in appdat.jsc.nasa.gov, three critical vulnerabilities were identified:

Authentication Bypass: **The Keycloak “ordem-production” realm accepts **default credentials, granting full access without authorization.

Sensitive Information Exposure: Authenticated users can view internal staff PII, full names, mail codes, phone numbers and email addresses on the About page, enabling spear-phishing and privacy violations.

Reflected XSS: The jobno parameter is not sanitized, allowing arbitrary JavaScript execution (e.g. cookie theft) after login.

Collectively, these issues enable unauthorized access, PII disclousure **and **session hijacking.

Activity Feed