CVE-2006-1386

High

7.5/10

Summary

The (1) rdiff and (2) preview scripts in TWiki 4.0 and 4.0.1 ignore access control settings, which allows remote attackers to read restricted areas and access restricted content in TWiki topics.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Mar 26, 2006

CVE-2006-1386

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS