CVE-2013-6730 Information

Description

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27 6.1.5.x through 6.1.5.3 CF27 7.0.0.x before 7.0.0.2 CF27 and 8.0.0.x before 8.0.0.1 CF10 when the wcm.path.traversal.security setting is enabled allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1PI07185 http://www-01.ibm.com/support/docview.wss?uid=swg21665915 https://exchange.xforce.ibmcloud.com/vulnerabilities/89363