Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WebGUI < 7.5.13 RSS Feed Authentication Bypass

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote host is running WebGUI, a content management framework. The remote version of this software is vulnerable to a flaw in the way that it handles access to data. Protected data can be accessed by requesting the data within an RSS feed. An attacker exploiting this flaw would only need the ability to request an RSS subscription.

Solution

Upgrade to version 7.5.13 or higher.