Rdiffweb is a web application by Patrik Dufresne, a personal developer in the United States. An information disclosure vulnerability exists in versions prior to Rdiffweb 2.4.8, which stems from the use of a cache containing sensitive information. An attacker could exploit the vulnerability to obtain sensitive information.