CVE-2005-3923

Name of the Vulnerable Software and Affected Versions NetObjects Fusion 9 (NOF9)

Description The issue allows remote attackers to obtain sensitive information, including passwords, by downloading the versioning repository /rollbacklog.xml file. This file can then be used to download and modify the associated ZIP file, enabling attackers to edit and republish the site.

Recommendations For NetObjects Fusion 9 (NOF9), restrict access to the versioning repository /rollbacklog.xml file to prevent unauthorized downloads and modifications. Avoid using sensitive information in the rollbacklog.xml file until the issue is resolved.