Sensitive Server Side information Disclosure

[sanjogpandasp]

Hi,

There is a sensitive information disclosure which reflects DB and system logs.

Try to browse to https://beta.hospitalrun.io/db/config/_changes

[jkleinsc]

@sanjogpandasp thanks for this information. I am in process on a fix.

[jkleinsc]

@sanjogpandasp I have updated the couch initialization scripts to disallow changing the config db, so I am going to close this issue. Thank you for reporting this.