CVE-2013-6953 Information

Description

BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.

Reference

http://www.kb.cert.org/vuls/id/553166