The vulnerabilities allowed one security researcher to peek inside the leak sites without having to log in.
