V4 - Access Control
EXIF Geolocation Data Not Stripped From Uploaded Images - User Enumeration
POC
- Upload the image
- See the path of uploaded image
- Open it (exif.regex.info/exif.cgi)
- See whether is that still showing exif data
Impact
Low
Likelihood
Low
