CVE-2013-3597 Information

Description

servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usernames and passwords via a getList action.

Reference

http://buddhalabs.com/Advisories/WebAdvisories.html http://www.kb.cert.org/vuls/id/592942 http://www.searchblox.com/developers-2/change-log