Exploiting vulnerabilities in Johnson and Johnson web apps
vulnerabilityweb application securityJohnson & Johnsoncampus recruitingaudit tracking management systemMicrosoft SSOauthenticationAPI keyBearer tokenMSALReactJSinternal data breach
Author: EatonZ
Date: 6/24/2026
Article Summary:
The author discloses two vulnerabilities found in Johnson & Johnson's web applications, one in a campus recruiting system and the other in an internal audit tracking management system, exposing sensitive information and allowing unauthorized access.