CVE-2012-4511

Name of the Vulnerable Software and Affected Versions libsocialweb versions prior to 0.25.21

Description The issue allows remote attackers to potentially obtain sensitive information via a man-in-the-middle (MITM) attack. This occurs because the services/flickr/flickr.c component in libsocialweb automatically connects to Flickr even when no Flickr account is set.

Recommendations For versions prior to 0.25.21, update to version 0.25.21 or later to resolve the issue. As a temporary workaround, consider disabling the automatic connection to Flickr until the update is applied.