VULNERABILITY DESCRIPTION
This report describes a Web Cache Deception attack against the https://redacted.com/anynonexisting endpoint (that is, any nonexistent path). By manipulating the caching mechanism, unauthorized users can gain access to a logged-in victim's sensitive Personally Identifiable Information (PII), such as First Name, Last Name, Phone Number, Email Address, User Id, and Encrypted IP Address.
During the assessment of the target application, it was observed that the server had implemented restrictions to prevent Web Cache Deception attacks on API/Web endpoints that returned session tokens or user data in the response.
Unfortunately, the same precautions were not applied to the /404 page or to any /nonexistingurl. We discovered that the response for any nonexistent endpoint contained PII without any cache controls in place.
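As an added illustration of the finding above (example code, not from the report or the target), the following audit helper parses two constructed sample responses and flags the combination that makes Web Cache Deception possible: a response that a shared cache may store and that also carries user-specific data. The sample responses, the `audit` and `shared_cache_may_store` names and the `PII_KEYS` list are assumptions; the status-code list follows RFC 9111's heuristic cacheability rule.

```python
import email
# Constructed sample modelled on the report (not captured from the target): a
# 404 for a nonexistent path, requested by a logged-in user, with embedded PII
# and no cache directives.
VULNERABLE_404 = (
    "HTTP/1.1 404 Not Found\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
    "\r\n"
    '<html><body><p>Page not found</p><script>var user={"firstName":"Jane",'
    '"lastName":"Doe","email":"jane@example.com","phone":"555-0100",'
    '"userId":42};</script></body></html>'
)

# Constructed hardened form: generic body plus directives a shared cache obeys.
HARDENED_404 = (
    "HTTP/1.1 404 Not Found\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Cache-Control: private, no-store\r\n"
    "\r\n"
    "<html><body><p>Page not found</p></body></html>"
)

# Field names listed in the report, matched case-insensitively in the body.
PII_KEYS = ("firstname", "lastname", "email", "phone", "userid")

def parse_response(raw):
    """Split a raw HTTP/1.1 response into (status, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, header_block = head.partition("\r\n")
    headers = email.message_from_string(header_block)  # case-insensitive .get()
    return int(status_line.split()[1]), headers, body

def shared_cache_may_store(status, headers):
    """Heuristic freshness (RFC 9111): with no Cache-Control a shared cache may
    store these statuses, 404 included; Set-Cookie alone does not forbid it."""
    cc = headers.get("Cache-Control", "").lower()
    if "no-store" in cc or "private" in cc:
        return False
    return status in (200, 203, 204, 206, 300, 301, 308, 404, 405, 410, 414, 501)

def audit(raw):
    """Web Cache Deception exposure = storable by a shared cache AND carrying
    user-specific data; the report's 404 trips both checks at once."""
    status, headers, body = parse_response(raw)
    pii = [k for k in PII_KEYS if k in body.lower()]
    cacheable = shared_cache_may_store(status, headers)
    return {"status": status, "cacheable": cacheable, "pii": pii,
            "wcd_exposure": cacheable and bool(pii)}
```

Running `audit` over real traffic means pointing `parse_response` at responses for nonexistent paths fetched with an authenticated session; any result with `wcd_exposure` set to True is the misconfiguration this report describes.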
RISK BREAKDOWN
Risk: HIGH
Difficulty to Exploit: Easy
STEPS TO REPRODUCE
Step 1: As a victim who is already logged into the website, navigate to https://www.redacted.com/favicon.ico?agilehunt=13337.
Step 2: Observe that the response for the request has