From theregister.co.uk
![Someone teaching GDPR rules to others](https://regmedia.co.uk/2020/04/29/shutterstock_gdpr_lesson.jpg?x=442&y=293&crop=1)
An EU-sponsored GDPR advice website run by Proton Technologies had a vulnerability that let anyone clone it and extract a MySQL database username and password.
The vulnerability in question allowed the entire contents of the website’s /.git/ repository to be cloned, as Pen Test Partners explained in a blog post about what it found on advice site GDPR.eu.