Information Disclosure in SearchBlox CollectionListServlet

Information Disclosure in SearchBlox CollectionListServlet

CVE-2013-3597 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.

Learn more about our User Device Pen Test.