CVE-2018-15534

Name of the Vulnerable Software and Affected Versions Geutebrueck re porter versions prior to 7.8.974.20

Description The issue allows for unauthenticated access to sensitive information, including usernames and hashes. This can be achieved by making a direct request for the "statistics/gscsetup.xml" endpoint on TCP port 12003.

Recommendations For versions prior to 7.8.974.20, update to version 7.8.974.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the /statistics/gscsetup.xml endpoint on TCP port 12003 to minimize the risk of exploitation.