Exposure of Sensitive Information to an Unauthorized Actor
IBM WebSphere Portal 6.0 through 22.214.171.124, 6.1.0 through 126.96.36.199 CF27, 6.1.5 through 188.8.131.52 CF27, 7.0 through 184.108.40.206 CF25, and 8.0 through 220.127.116.11 CF08 allows remote attackers to read arbitrary files via a modified URL.
CWE-200 - Information Exposure
An information exposure vulnerability is categorized as an information flow (IF) weakness, which can potentially allow unauthorized access to otherwise classified information in the application, such as confidential personal information (demographics, financials, health records, etc.), business secrets, and the application's internal environment.