Описание
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-3503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43344
- http://secunia.com/advisories/30782
- http://www.securityfocus.com/bid/29927
- http://www.vupen.com/english/advisories/2008/1932/references
- http://www.webgui.org/bugs/tracker/security-issue---collaboration-rss
- http://www.webgui.org/getwebgui/advisories/webgui-7_5_13-beta-released
Связанные уязвимости
nvd
больше 17 лет назад
RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds, which allows remote attackers to obtain sensitive information (CS data).