WebGUI Collaboration RSS Information Disclosure Vulnerability

info
discussion
exploit
solution
references

WebGUI Collaboration RSS Information Disclosure Vulnerability

WebGUI is prone to an information-disclosure vulnerability because it does not properly restrict access to the RSS feed.

An attacker can exploit this vulnerability to access collaboration data without having the appropriate authentication credentials. Information obtained may aid in further attacks.

Versions prior to WebGUI 7.5.13 (beta) are vulnerable.