The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote malicious users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco socialminer - |