It's possible to bypass password protection by adding additional slashes to URL.
vulners.com/securityvulns/securityvulns:doc:8790