Tag Archives: DigiLIBE 3.4

CVE-2013-1402 – DigiLIBE Management Console – Execution After Redirect (EAR) Vulnerability

Overview

DigiLIBE 3.4 and possibly other versions send a redirect but do not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_configuration.html.

Impact

CVSS Severity (version 2.0):