CVE-2008-3503 Information

Description

RSSFromParent in Plain Black WebGUI before 7.5.13 does not restrict view access to Collaboration System (CS) RSS feeds which allows remote attackers to obtain sensitive information (CS data).

Reference

http://secunia.com/advisories/30782 http://www.securityfocus.com/bid/29927 http://www.vupen.com/english/advisories/2008/1932/references http://www.webgui.org/bugs/tracker/security-issue—collaboration-rss/ http://www.webgui.org/getwebgui/advisories/webgui-7_5_13-beta-released https://exchange.xforce.ibmcloud.com/vulnerabilities/43344