Comment by markerz
12 days ago
Hey OP, your DELETE curl endpoint is unauthenticated! I can't DM you on HN and there's no contact on your website, so sorry for the public security disclosure. :(
12 days ago
Hey OP, your DELETE curl endpoint is unauthenticated! I can't DM you on HN and there's no contact on your website, so sorry for the public security disclosure. :(
That's part of the vibe in vibe coding.
V.I.B.E - Very Insecure Backend Endpoint
Hey, thank you so much for catching this and calling it out , will take this up and fix it!
Really appreciate you taking the time to look and let me know (even if it had to be in public). I have added a github repo for filing bugs (https://github.com/uncurl/uncurl-support) in the docs page :)