CVE-2013-1402 Information

Description

DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.

Reference

http://archives.neohapsis.com/archives/bugtraq/2013-01/0095.html