While searching for extremely vulnerable servers, I have found which belongs to your organization.
I am able to see all the logs, source code, build logs of your Jenkins server without any authentication. Being in enterprise resource solutions services, supply chain management, Security of the data, e-commerce services this issue is very severe. I hope you take your security very seriously. I hope you will authenticate the server soon and award me a good bounty for this responsible disclosure.
Hi , iDempiere is an open source, so is normal that the code is visible.
Thank you so much for your quick response. I am glad that this server is meant to be public.