IBM Rational Focal Point RequestAccessController Servlet Information Disclosure (CVE-2013-5398)

An information disclosure vulnerability has been reported in IBM Focal Point. The vulnerability is due to input validation error of file variable in com.telelogic.focalpoint.pres.controller.RequestAccessController servlet. A remote unauthenticated attacker could exploit this vulnerability to read...