Direct Topics topic.php topic Variable Path Disclosure
Remote / Network Access
Loss of Confidentiality
DirectTopics contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an attacker provides malformed input to the 'topic' variable in the topic.php script, which will disclose the full installation path of Direct Topics resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.