U.S. Dept Of Defense disclosed a bug submitted by nightm4re: https://hackerone.com/reports/1627961 – Bounty: $500 [Source]