World-readable permissions in XBMC 13.0 expose sensitive information in .xbmc/userdata/sources.xml

World-readable permissions in XBMC 13.0 expose sensitive information in .xbmc/userdata/sources.xml

CVE-2014-3800 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

XBMC 13.0 uses world-readable permissions for .xbmc/userdata/sources.xml, which allows local users to obtain user names and passwords by reading this file.

Learn more about our User Device Pen Test.