PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 does not require authentication for access to log files, which allows remote malicious users to obtain sensitive server information by using a predictable name in a request for a file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
paperthin commonspot content server |
||
paperthin commonspot content server 8.0.2 |
||
paperthin commonspot content server 8.0.1 |
||
paperthin commonspot content server 8.0.0 |