Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.
[
{
"product": "Magento",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.7.0.1"
},
{
"status": "affected",
"version": "fixed in 1.7.0.2"
}
]
}
]