This is an easy bug to find in a profile picture field.
Identify
- Upload an image as the profile picture.
- Open that image in a new tab. We can either right-click and open it, or look for the upload directory in the source code.
- Now remove the profile picture.
- Refresh the link that originally showed the profile picture.
- If the link is still accessible, it is confirmed vulnerable.
Impact
If the picture contains any sensitive information, an attacker can steal that information using the link.
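The check above, run against two removal handlers, as an added example that is not code from the original page. It assumes uploads are stored on local disk and that the vulnerable handler only clears the profile's reference to the file; `UPLOAD_DIR`, `profiles` and all function names are hypothetical.

```python
import os
import secrets
import tempfile

# Hypothetical storage layer: names and layout are assumptions for illustration.
UPLOAD_DIR = tempfile.mkdtemp(prefix="avatars_")
profiles = {}  # user_id -> stored filename (stands in for the database row)


def upload_picture(user_id, data):
    """Store the image under a random name and record it on the profile."""
    name = secrets.token_hex(16) + ".png"
    with open(os.path.join(UPLOAD_DIR, name), "wb") as fh:
        fh.write(data)
    profiles[user_id] = name
    return name


def is_accessible(name):
    """Stands in for refreshing the direct link: does the file still resolve?"""
    return os.path.isfile(os.path.join(UPLOAD_DIR, name))


def remove_picture_vulnerable(user_id):
    """Clears only the profile reference; the uploaded file stays on disk."""
    profiles.pop(user_id, None)


def remove_picture_fixed(user_id):
    """Clears the reference and deletes the stored file as well."""
    name = profiles.pop(user_id, None)
    if name is None:
        return
    try:
        os.remove(os.path.join(UPLOAD_DIR, name))
    except FileNotFoundError:
        pass  # already gone; removal stays idempotent


def check(remove):
    """Upload, remove, re-request. True means the old link still works."""
    name = upload_picture("alice", b"constructed sample image bytes")
    remove("alice")
    return is_accessible(name)


if __name__ == "__main__":
    print("vulnerable handler, link still works:", check(remove_picture_vulnerable))
    print("fixed handler, link still works:", check(remove_picture_fixed))
```

If images are served through a CDN or cache, the cached copy has to be purged as well; that is outside this sketch.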