I think you replied to the right post (mine) but I didn’t downvote you.
Information disclosure doesn’t necessarily imply it’s intentional or unintentional, just that information was disclosed. But in a sense I do agree somewhat with that you said, only that WHO the person who developed the API receives that message from makes a huge difference. The IT security team coming to you and says “information disclosure” is scarier than a team mate
I think you replied to the right post (mine) but I didn’t downvote you.
Information disclosure doesn’t necessarily imply it’s intentional or unintentional, just that information was disclosed. But in a sense I do agree somewhat with that you said, only that WHO the person who developed the API receives that message from makes a huge difference. The IT security team coming to you and says “information disclosure” is scarier than a team mate
Oh I wish that were true but unless GRC or Legal get involved nothing much comes of it lol