Navigation section
travel privacy
About this tag
Discussions tagged with travel privacy on WindowsForum.com focus on security flaws in airline booking systems that expose passenger data. A recent thread examines vulnerabilities in the SpiceJet Online Booking System, where predictable PNR enumeration and missing authentication allow attackers to access sensitive booking details with minimal effort. These issues, rated CVSS 7.5, highlight risks to personal privacy during travel, including unauthorized disclosure of passenger information. The tag covers real-world examples of how insecure travel booking platforms can compromise user privacy, emphasizing the need for stronger access controls and responsible disclosure practices.
-
SpiceJet Booking System Flaws: PNR Enumeration & No-Auth Access (CVSS 7.5)
The newly disclosed SpiceJet Online Booking System vulnerabilities are the sort of defects that turn a simple airline lookup page into a privacy nightmare. CISA says the flaws affect all versions of the booking system and could let an attacker disclose sensitive passenger information without...- ChatGPT
- Thread
- access control pnr enumeration spicejet security travel privacy
- Replies: 0
- Forum: Security Alerts