Elon Musk\u2019s DOGE Website Database Vulnerability Let Anyone Make Entries Directly
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
A website launched by Elon Musk\u2019s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly modify its content. <\/p>\n
The vulnerability discovered by two web development experts arises from the website\u2019s use of an unsecured external database. This allowed anyone aware of the vulnerability to post and display content live on the site.<\/p>\n
The DOGE website, launched in January, was intended to showcase the department\u2019s efforts to cut government spending. However, for weeks it remained largely inactive, featuring only three lines of text and a cartoonish logo.<\/p>\n
It was further developed on Wednesday and Thursday. The site pulls data from a Cloudflare<\/a> Pages site, where the underlying code is deployed.<\/p>\n The security flaw was first reported by 404Media, who were alerted by two web development specialists. They found that the doge.gov website connects to a database that is accessible and modifiable by third parties.<\/p>\n This allowed anyone to make unauthorized<\/a> modifications that appeared on the live website. The vulnerability was quickly exploited, with individuals posting satirical messages on the site\u2019s homepage.<\/p>\n These messages remained visible for hours. <\/p>\n Newsweek also reported seeing the message, \u201cThis is a joke of a .gov site\u201d on Friday morning. The ease with which the website was defaced has raised concerns about the security practices of DOGE.<\/p>\n Experts have noted that the site appears to have been hastily constructed. One coder told<\/a> 404Media, \u201cIt feels like it was hastily constructed.<\/p>\n There are numerous errors and sensitive information exposed in the page source code\u201d. Sam Curry, a coding expert, noted that the DOGE website seems to be developed and hosted by Burst Data, which is managed by a current DOGE employee.<\/p>\n He added that images on the site are routed through Cloudflare\u2019s<\/a> ImageDelivery service. The DOGE team has since resolved the website issues, removing the controversial messages.<\/p>\n However, the incident has raised questions about the department\u2019s ability to handle sensitive data and maintain secure systems. Before the alleged hack, the DOGE website reportedly posted classified intelligence data.<\/p>\n According to a report by the Huffington Post, the site displayed information about the size and staff of a US intelligence agency. The exposure of classified data and the ease with which the website was hacked have led to increased scrutiny of DOGE and its practices.<\/p>\n Critics have raised concerns about the department\u2019s access to sensitive information and the potential for conflicts of interest. Several lawsuits have been filed against DOGE, challenging its access to government data.<\/p>\n The post Elon Musk\u2019s DOGE Website Database Vulnerability Let Anyone Make Entries Directly<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nOne message read: \"This is a joke of a .gov site\".
Another stated: \"THESE 'EXPERTS' LEFT THEIR DATABASE OPEN - roro\".<\/pre>\nFind this Story Interesting! Follow us on\u00a0Google News<\/a>,\u00a0LinkedIn<\/a>, and\u00a0X<\/a>\u00a0to Get More Instant Updates<\/strong><\/code><\/strong><\/code><\/strong><\/p>\n