ZDI-21-354

TLDR Lepide AD Self-Service (LADSS) is vulnerable to a forced browsing issue that allows an unauthenticated actor to download an encrypted backup, however the backup is encrypted with a static