CVE-2013-5489 Information

Description

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests which allows remote attackers to obtain sensitive information by reading (1) web-server access logs (2) web-server Referer logs or (3) the browser history aka Bug ID CSCuh74125.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5489 http://tools.cisco.com/security/center/viewAlert.x?alertId=30734 https://exchange.xforce.ibmcloud.com/vulnerabilities/86965