RCBlog data Directory Direct Access User Account Information Disclosure
Remote / Network Access
Loss of Confidentiality
RCBlog contains a flaw that may lead to an unauthorized information disclosure including unauthorized password exposure. The issue is triggered by a request in the /config/ or /data/ directories, which may disclose sensitive information including encrypted passwords, resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.