Information Disclosure through Sentry Instance.
Program: Eternal
Bug Type: Information Disclosure
Bounty: 750
Date: 2019-09-18
Tags: misconfiguration, information-disclosure, sentry
Summary
The researcher identified an exposed API endpoint related to the Sentry error monitoring tool.
This endpoint returned sensitive information from logged error events directly in the HTTP response,
including internal hostnames, environment details, and potentially credentials.
The data could be accessed without authentication by sending crafted requests to the /api//store endpoint
and then rendering the returned event data in the UI. This exposure could allow attackers to gather
intelligence about the internal infrastructure and use leaked secrets to compromise the system.
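
The following added example (not code from the report or from the Sentry project) masks the kinds of data the summary lists, credentials and internal hostnames, before an error event leaves the application, so that an exposed event store reveals less. It assumes an SDK that accepts a before_send-style hook taking and returning the event dict; the key-name patterns, the corp.example internal suffix and the sample event are constructed for illustration.

```python
import re

# Assumed policy (not from the report): key names treated as secret, and an
# internal DNS suffix, "corp.example", chosen for illustration.
SECRET_KEY = re.compile(r"pass(word|wd)?|secret|token|api[_-]?key|authorization|cookie", re.I)
INTERNAL_HOST = re.compile(r"\b[\w.-]+\.corp\.example\b", re.I)
URL_CREDS = re.compile(r"(\w+://)[^/\s:@]+:[^/\s@]+@")  # user:password@ in URLs
MASK = "[scrubbed]"


def _scrub(value, key=""):
    """Recursively mask secret-named keys and sensitive substrings."""
    if isinstance(key, str) and SECRET_KEY.search(key):
        return MASK
    if isinstance(value, dict):
        return {k: _scrub(v, k) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [_scrub(v) for v in value]
    if isinstance(value, str):
        value = URL_CREDS.sub(r"\1" + MASK + "@", value)
        return INTERNAL_HOST.sub(MASK, value)
    return value


def scrub_event(event, hint=None):
    """Shaped like a before_send hook: takes the event dict, returns a copy.

    Wiring (assumption: Sentry Python SDK):
        sentry_sdk.init(dsn=..., before_send=scrub_event)
    """
    event = _scrub(event)
    event.pop("server_name", None)  # drop the reporting host's name entirely
    return event


# Constructed sample event, not data from the report.
SAMPLE_EVENT = {
    "message": "connect failed: postgres://app:hunter2@db01.corp.example:5432/main",
    "server_name": "web-03.corp.example",
    "environment": "production",
    "extra": {"DB_PASSWORD": "hunter2", "retries": 3},
    "request": {"headers": {"Authorization": "Bearer abc123", "Accept": "*/*"}},
}

if __name__ == "__main__":
    print(scrub_event(SAMPLE_EVENT))
```

Scrubbing on the client limits what a leaked event contains; it does not replace restricting access to the Sentry instance itself.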